Publicly Disclosed
PoC Exploits

🔴 Always take caution when working with PoC Exploits 🔴

Discovered 1 hour ago

PoC for CVE-2025-68645

Zimbra | Zimbra Collaboration | 8.8 HIGH
Local File Inclusion Vulnerability in Zimbra Collaboration by Zimbra

A Local File Inclusion (LFI) vulnerability has been identified in the Webmail Classic UI of Zimbra Collaboration (ZCS) versions 10.0 and 10.1. This flaw stems from the improper handling of user-supplied request parameters within the RestFilter servlet. An unauthenticated remote attacker can explo...

Discovered 2 hours ago

PoC for CVE-2025-15409

Code-projects | Online Guitar Store | 6.9 MEDIUM
SQL Injection Vulnerability in Online Guitar Store by Code-Projects

A vulnerability has been identified in the Online Guitar Store application version 1.0, affecting the deletion functionality located in /admin/Delete_product.php. By manipulating the 'del_pro' argument, attackers can execute SQL injection attacks, allowing unauthorized access to the underlying da...

Discovered 3 hours ago

PoC for CVE-2025-15408

Code-projects | Online Guitar Store | 6.9 MEDIUM
SQL Injection Vulnerability in Code-Projects Online Guitar Store 1.0

A vulnerability exists in the Online Guitar Store 1.0 due to improper handling of input in the Create_product.php file. By manipulating the 'dre_title' argument, an attacker can execute SQL injection attacks remotely. This flaw exposes the application to unauthorized data access and integrity thr...

PoC for CVE-2022-26711

Apple | Watch OS | 9.8 CRITICAL
Integer Overflow Vulnerability in Apple Products

An integer overflow vulnerability was identified in Apple’s operating systems, where improper input validation could allow a remote attacker to disrupt the application or potentially execute arbitrary code. This flaw affects several versions of tvOS, iTunes, iOS, iPadOS, watchOS, and macOS, neces...

PoC for CVE-2025-15407

Code-projects | Online Guitar Store | 6.9 MEDIUM
SQL Injection Vulnerability in Code-Projects Online Guitar Store 1.0

A vulnerability exists in the Code-Projects Online Guitar Store version 1.0, specifically within the /admin/Create_category.php file. This security flaw allows for SQL injection through improper handling of user-input parameters in the dre_Ctitle argument. As the vulnerability is publicly disclos...

Discovered 4 hours ago

PoC for CVE-2025-55182

Meta | React-server-dom-webpack | 🟣 EPSS 49% | 10 CRITICAL
Remote Code Execution Vulnerability in React Server Components by Meta

A remote code execution vulnerability found in React Server Components allows attackers to exploit improperly handled payloads. This issue affects versions 19.0.0 through 19.2.0, compromising server function endpoints through unsafe deserialization of HTTP request payloads. As a result, this flaw...

PoC for CVE-2025-15406

PHPgurukul | Online Course Registra... | 5.3 MEDIUM
Authorization Flaw in PHPGurukul Online Course Registration System

A vulnerability in the PHPGurukul Online Course Registration system up to version 3.1 has been identified, which allows an attacker to bypass authorization mechanisms. This flaw can potentially lead to unauthorized access, enabling remote exploitation by malicious actors. As the exploit has been ...

PoC for CVE-2024-21413

Microsoft | Microsoft Office 2019 | 🟣 EPSS 93% | 9.8 CRITICAL
Remote Code Execution Vulnerability Affects Microsoft Outlook

A remote code execution vulnerability in Microsoft Outlook allows an attacker to run arbitrary code on a user's system. This can occur when the vulnerable version processes specially crafted email messages, which can result in unauthorized access or control over the affected system. Attackers can...

Discovered 6 hours ago

PoC for CVE-2025-15405

PHPEMS | PHPms | 5.3 MEDIUM
Cross-Site Request Forgery Vulnerability in PHPEMS by PHPEMS

A cross-site request forgery (CSRF) vulnerability has been identified in PHPEMS versions up to 11.0, associated with an unspecified function. This flaw allows malicious actors to execute unauthorized commands on behalf of authenticated users, potentially compromising sensitive data and the integr...

Discovered 7 hours ago

PoC for CVE-2024-41997

Warp | Warp Terminal
Command Injection Vulnerability in Warp Terminal Docker Integration

A command injection vulnerability has been identified in Warp Terminal's Docker integration, affecting versions prior to 2024.07.18. This issue allows an attacker to craft a malicious hyperlink capable of executing arbitrary commands on the victim's machine if clicked. Users are urged to update t...

PoC for CVE-2025-67730

Frappe | Lms | 5.1 MEDIUM
XSS Vulnerability in Frappe Learning Management System Prior to Ver...

The Frappe Learning Management System (LMS) prior to version 2.42.0 is susceptible to a Cross-Site Scripting (XSS) vulnerability. This allows authenticated users to exploit the system by injecting malicious HTML and JavaScript into the description fields found in Job, Course, and Batch forms. Suc...

PoC for CVE-2025-15404

Campcodes | School File Management... | 5.3 MEDIUM
Unrestricted File Upload Vulnerability in Campcodes School File Man...

A security vulnerability in Campcodes School File Management System version 1.0 exposes an unknown function within the /save_file.php file, allowing attackers to manipulate the File argument. This can lead to unrestricted file uploads, potentially enabling remote exploitation. This issue has been...

Discovered 15 hours ago

PoC for CVE-2025-13820

WordPress | Comments
User Authentication Weakness in WordPress Comments Plugin by Disqus

The Comments plugin for WordPress, prior to version 7.6.40, exposes a critical vulnerability involving improper validation of user identities when integrating with the disqus.com provider. This issue allows attackers to bypass authentication mechanisms and log in as any user, simply by having kno...

Discovered 23 hours ago

PoC for CVE-2025-15398

Uasoft | Badaso | 6.3 MEDIUM
Remote Manipulation Vulnerability in Uasoft Badaso Token Handler

A security vulnerability exists in the Uasoft Badaso platform, specifically within the Token Handler's forgetPassword function located in the BadasoAuthController.php file. This flaw can lead to inadequate password recovery processes, potentially allowing unauthorized access to user accounts. Att...

Discovered 1 day ago

PoC for CVE-2015-10145

Gargoyle | Gargoyle Router Manage... | 8.7 HIGH
Authenticated OS Command Execution Vulnerability in Gargoyle Router...

The Gargoyle router management utility versions 1.5.x contains an authenticated OS command execution vulnerability. The flaw resides in the /utility/run_commands.sh script, where the application does not properly validate or restrict inputs supplied via the 'commands' parameter. This oversight al...

PoC for CVE-2025-15394

iCMS Dev | Icms | 5.1 MEDIUM
Code Injection Vulnerability in iCMS Software by iCMS Dev

A vulnerability identified in iCMS, impacting versions up to 8.0.0, arises from a flaw in the Save function of the app/config/ConfigAdmincp.php file. This issue permits attackers to manipulate the configuration settings through POST requests, leading to potential code injection. As a result, an a...

PoC for CVE-2021-47743

Commax Co., Ltd. | Commax Biometric Acces... | 5.1 MEDIUM
Reflected Cross-Site Scripting Vulnerability in COMMAX Biometric Ac...

The COMMAX Biometric Access Control System 1.0.0 is susceptible to an unauthenticated reflected cross-site scripting vulnerability. Exploitation occurs through manipulation of the 'CMX_ADMIN_NM' and 'CMX_COMPLEX_NM' cookie parameters, allowing malicious actors to inject and execute arbitrary HTML...

PoC for CVE-2021-47740

Kz Broadband Tech... | Jt3500v | 6.9 MEDIUM
Session Management Vulnerability in KZTech JT3500V 4G LTE CPE

The KZTech JT3500V 4G LTE CPE (version 2.0.1) is affected by a vulnerability that allows attackers to exploit inadequate session expiration controls. This flaw permits the reuse of old session credentials, enabling unauthorized users to maintain access and potentially compromise the authenticatio...

PoC for CVE-2021-47725

Stvs Sa | Stvs Provision | 4.8 MEDIUM
Cross-Site Scripting Vulnerability in STVS ProVision by STVS

STVS ProVision version 5.9.10 is susceptible to a cross-site scripting (XSS) vulnerability allowing authenticated attackers to manipulate the 'files' POST parameter. This weakness enables the injection of arbitrary HTML code, resulting in the execution of malicious scripts in the user's browser s...

PoC for CVE-2021-47747

Metern | Metern | 8.6 HIGH
Authenticated Remote Code Execution in MeterN by MeterN.org

MeterN version 1.2.3 has a significant vulnerability that allows attackers to perform authenticated remote code execution via the 'COMMANDx' and 'LIVECOMMANDx' POST parameters in the admin_meter2.php and admin_indicator2.php scripts. This flaw enables an attacker with administrative access to exe...

PoC for CVE-2021-47745

Cypress | 200 | 8.6 HIGH
Authenticated Command Injection Vulnerability in Cypress Solutions ...

Cypress Solutions CTM-200 version 2.7.1 is vulnerable to an authenticated command injection attack through its firmware upgrade script. The vulnerability exists within the 'fw_url' parameter of the ctm-config-upgrade.sh script, allowing remote attackers to inject and execute arbitrary shell comma...

PoC for CVE-2021-47744

Cypress | One | 9.3 CRITICAL
Hard-Coded Credentials Vulnerability in Cypress Solutions CTM-200/C...

The CTM-200 and CTM-ONE devices by Cypress Solutions include a security flaw identified by hard-coded credentials, specifically a static 'Chameleon' password. This vulnerability allows attackers to exploit the affected Linux distribution, providing them with unauthorized remote root access throug...

PoC for CVE-2021-47742

Epic Games Inc. | Epic Games Psyonix Roc... | 8.5 HIGH
Insecure Permissions in Epic Games Psyonix Rocket League

Epic Games' Psyonix Rocket League before version 1.95 contains a vulnerability related to insecure permissions. This issue permits authenticated users to alter executable files, leveraging full access permissions assigned to the 'Authenticated Users' group. This could lead to unauthorized modific...

PoC for CVE-2021-47741

Zblchina | Zbl Epon Onu Broadband... | 8.7 HIGH
Privilege Escalation Vulnerability in ZBL EPON ONU Broadband Router...

The ZBL EPON ONU Broadband Router V100R001 possesses a vulnerability that allows limited administrative users to escalate their privileges. This is achieved by sending specially crafted requests to the router's configuration endpoints, enabling attackers to potentially access sensitive configurat...

PoC for CVE-2021-47726

Nucom | Nucom 11n Wireless Router | 8.7 HIGH
Privilege Escalation Vulnerability in NuCom 11N Wireless Router

The NuCom 11N Wireless Router version 5.07.90 is vulnerable to privilege escalation due to improper handling of requests to the configuration backup endpoint. Non-privileged users can exploit this flaw by sending a specially crafted HTTP GET request. This allows attackers to access and decode sen...

PoC for CVE-2020-36904

Selea | Selea Carplateserver (... | 9.3 CRITICAL
Remote Program Execution in Selea CarPlateServer by Selea

Selea CarPlateServer version 4.0.1.6 has a vulnerability that permits remote program execution via a misconfigured NO_LIST_EXE_PATH parameter. By exploiting this flaw, attackers can bypass authentication through the /cps/ endpoint, gaining the ability to alter server configurations. This can lead...

PoC for CVE-2020-36903

Selea | Selea Carplateserver (... | 8.5 HIGH
Local Privilege Escalation in Selea CarPlateServer by Unquoted Serv...

The Selea CarPlateServer 4.0.1.6 features a vulnerability related to an unquoted service path in its Windows service configuration. This flaw enables local users to potentially execute arbitrary code with elevated privileges. By exploiting the unquoted binary path associated with the service, an ...

PoC for CVE-2025-15391

D-link | Dir-806a | 5.3 MEDIUM
Command Injection Vulnerability in D-Link DIR-806A Router

A command injection vulnerability has been discovered in the D-Link DIR-806A router within the SSDP Request Handler's ssdpcgi_main function. This flaw allows remote attackers to manipulate inputs and execute arbitrary commands on the device, potentially compromising its security. The risk is part...

PoC for CVE-2025-15390

PHPgurukul | Small Crm | 5.3 MEDIUM
Authorization Flaw in PHPGurukul Small CRM 4.0

A security vulnerability has been identified in PHPGurukul Small CRM version 4.0, specifically within the /admin/edit-user.php file. This issue involves a lack of proper authorization checks, allowing unauthorized users to manipulate the system remotely. The flaw has been made publicly known, and...

PoC for CVE-2025-7771

TecHPowerup | Throttlestop | 8.7 HIGH
Privilege Escalation Vulnerability in ThrottleStop Driver by TechPo...

The ThrottleStop driver, a legitimate component from TechPowerUp, presents a vulnerability due to insecure IOCTL interfaces that permit arbitrary read and write access to the physical memory through the MmMapIoSpace function. This flaw can be exploited by malicious applications running in user mo...

PoC for CVE-2025-58360

Geoserver | Geoserver | 🟣 EPSS 84% | 8.2 HIGH
XML External Entity Flaw in GeoServer by OSGeo

GeoServer, an open-source server used for sharing and editing geospatial data, has been found to contain an XML External Entity (XXE) vulnerability. The issue emerges in versions 2.26.0 to just before 2.26.2 and prior to 2.25.6, where unsanitized XML input can be processed through the specific en...

Discovered 2 days ago

PoC for CVE-2025-14847

MongoDB | Mongodb Server | 🟣 EPSS 77% | 8.7 HIGH
Heap Memory Exposure in MongoDB Server Versions by MongoDB

The vulnerability arises from mismatched length fields in Zlib compressed protocol headers within MongoDB Server, potentially allowing an unauthenticated client to access uninitialized heap memory. This could lead to unauthorized information exposure, affecting versions of MongoDB Server across m...

PoC for CVE-2025-14434

WordPress | Ultimate Post Kit Addo...
Unsecured AJAX Endpoints in Ultimate Post Kit Addons for Elementor ...

The Ultimate Post Kit Addons for Elementor plugin versions prior to 4.0.16 suffer from an improper access control vulnerability. Specifically, multiple AJAX endpoints, such as upk_alex_grid_loadmore_posts, are exposed without proper authentication checks. This oversight allows unauthenticated att...

PoC for CVE-2025-13029

WordPress | Knowband Mobile App Bu...
User Deletion Vulnerability in Knowband Mobile App Builder by Knowband

The Knowband Mobile App Builder WordPress plugin prior to version 3.0.0 contains a security flaw that permits unauthenticated users to delete any user account through its REST API. This vulnerability arises from missing authorization checks, allowing attackers to exploit the system and remove use...

PoC for CVE-2025-15375

Eyou Technology | Eyoucms | 5.3 MEDIUM
Deserialization Vulnerability in EyouCMS 1.7.7 by Eyou Technology

A deserialization vulnerability has been identified in EyouCMS up to version 1.7.7, affecting the application/api/controller/Ajax.php component. This flaw exists in the unserialize function, which can be exploited through manipulation of the attstr argument, allowing remote attackers to potential...

PoC for CVE-2025-15374

EyouCMS | Eyoucms | 5.1 MEDIUM
Cross Site Scripting Vulnerability in EyouCMS Up to Version 1.7.7

A vulnerability exists in EyouCMS, specifically in the Ask Module's Ask.php file, allowing malicious actors to perform cross site scripting (XSS) attacks. This can be triggered by manipulating the 'content' argument within the application. Remote attackers can exploit this weakness, potentially c...

PoC for CVE-2025-15373

Eyou | Eyoucms | 5.3 MEDIUM
Server-Side Request Forgery in EyouCMS by Eyou

A security vulnerability has been identified in EyouCMS versions up to 1.7.7, specifically within the saveRemote function in application/function.php. This flaw allows for server-side request forgery (SSRF), enabling attackers to manipulate requests and potentially expose sensitive server-side re...

PoC for CVE-2025-52691

Smartertools | Smartermail | 10 CRITICAL
Remote Code Execution Vulnerability in Mail Server Product by Vendor

A vulnerability allows unauthenticated attackers to exploit the mail server product, facilitating the upload of arbitrary files to any location on the server. This could lead to unauthorized actions, including the potential for remote code execution, thereby compromising the integrity and securit...

PoC for CVE-2025-15223

Philipinho | Simple-PHP-blog | 5.3 MEDIUM
Cross Site Scripting Vulnerability in Philipinho Simple-PHP-Blog

A Cross Site Scripting vulnerability exists in Philipinho Simple-PHP-Blog, specifically in the /login.php file. The vulnerability arises when an attacker manipulates the Username parameter, enabling remote execution of malicious scripts. This issue affects the product's integrity, making user dat...

PoC for CVE-2025-40019

Linux | Linux
Decryption Vulnerability in Linux Kernel Crypto Module

A vulnerability has been identified in the Linux kernel's crypto module that potentially affects the integrity of encryption methods. The issue arises from the handling of the ssize parameter during decryption and in-place encryption processes. Specifically, the ssize check was not conducted earl...

PoC for CVE-2025-15372

Youlaitech | Vue3-element-admin | 4.8 MEDIUM
Cross-Site Scripting Vulnerability in youlaitech Vue3-Element-Admin

A cross-site scripting vulnerability has been identified in the youlaitech Vue3-Element-Admin component, specifically within the file src/views/system/notice/index.vue. This flaw permits remote attackers to inject malicious scripts into the application, which can be executed in the context of the...

PoC for CVE-2025-15371

Tenda | I24 | 8.5 HIGH
Shadow File Vulnerability in Tenda Networking Products

A serious vulnerability affecting Tenda networking products has been identified in the Shadow File component. This flaw allows local attackers to gain unauthorized access due to the presence of hard-coded credentials. Disclosed publicly, the vulnerability highlights the need for immediate action ...

PoC for CVE-2025-14847

MongoDB | Mongodb Server | 🟣 EPSS 77% | 8.7 HIGH
Heap Memory Exposure in MongoDB Server Versions by MongoDB

The vulnerability arises from mismatched length fields in Zlib compressed protocol headers within MongoDB Server, potentially allowing an unauthenticated client to access uninitialized heap memory. This could lead to unauthorized information exposure, affecting versions of MongoDB Server across m...

PoC for CVE-2022-40471

Clinic's Patient... | Clinic's Patient Mana... | 🟣 EPSS 88% | 9.8 CRITICAL
Remote Code Execution Vulnerability in Clinic's Patient Management ...

The vulnerability in Clinic's Patient Management System version 1.0 allows an attacker to execute arbitrary code remotely. This is achieved through a flaw in the profile picture upload feature located in users.php, which does not adequately validate file uploads. As a result, an attacker can uplo...

PoC for CVE-2022-50802

Etap Lighting Int... | Etap Safety Manager | 5.1 MEDIUM
Cross-Site Scripting Vulnerability in ETAP Safety Manager by ETAP

The ETAP Safety Manager version 1.0.0.32 is vulnerable to a cross-site scripting (XSS) attack via the 'action' GET parameter. This vulnerability allows unauthenticated attackers to inject and execute malicious HTML and JavaScript in the browsers of users accessing the affected system. By crafting...

PoC for CVE-2025-15112

Ksenia Security S... | Ksenia Security Lares ... | 5.1 MEDIUM
URL Redirection Vulnerability in Ksenia Security Lares Home Automat...

Ksenia Security's Lares 4.0 version 1.6 is susceptible to a URL redirection flaw within the 'cmdOk.xml' script. This vulnerability enables attackers to exploit the 'redirectPage' GET parameter, allowing them to generate malicious links. When a user, who is authenticated, clicks on such a link fro...

PoC for CVE-2025-15113

Ksenia Security S... | Ksenia Security Lares ... | 8.5 HIGH
Unprotected Endpoint Vulnerability in Ksenia Security Lares 4.0 Hom...

An unprotected endpoint vulnerability exists in the Ksenia Security Lares 4.0 Home Automation version 1.6. This flaw enables authenticated attackers to upload MPFS File System binary images, which can lead to the overwriting of flash program memory. By exploiting this weakness, attackers may exec...

PoC for CVE-2025-15111

Ksenia Security S... | Ksenia Security Lares ... | 9.3 CRITICAL
Default Credentials Vulnerability in Ksenia Security Lares Home Aut...

The Ksenia Security Lares Home Automation version 1.6 is susceptible to a vulnerability that involves default administrative credentials. This weakness permits unauthorized individuals to gain administrative control over the home automation system, potentially leading to significant security brea...

PoC for CVE-2024-58338

Ateme | Flamingo Xl | 8.6 HIGH
Restricted Shell Vulnerability in Anevia Flamingo XL 3.2.9

Anevia Flamingo XL version 3.2.9 contains a vulnerability that exposes users to severe security risks by allowing remote attackers to escape the sandboxed environment via the traceroute command. This flaw can be exploited to inject malicious shell commands, potentially granting attackers full roo...

PoC for CVE-2024-58336

The Akuvox Company | Akuvox Smart Doorphone | 8.7 HIGH
Unauthenticated Remote Access Vulnerability in Akuvox Smart Interco...

The Akuvox Smart Intercom S539 is exposed to a serious vulnerability that permits unauthorized users to access live video feeds. By sending a request to the video.cgi endpoint on port 8080, attackers can obtain sensitive video stream data without any form of authentication. This flaw compromises ...

Latest Cyber Security Exploit PoCs