Publicly Disclosed
PoC Exploits

The backup restore function in TP-Link RE605X routers fails to properly validate tags in backup files. An attacker can exploit this vulnerability by supplying a specially crafted backup file that contains unexpected or unrecognized tags. When this malicious file is restored, the router's shell in...

The Online-Exam-System 2015 has a vulnerability in its feedback module where an SQL injection can be executed through the 'fid' parameter. This security flaw permits attackers to manipulate database queries, allowing unauthorized access to sensitive data, and potentially enabling them to extract,...

Navigate CMS 2.8.7 is impacted by an authenticated SQL injection vulnerability that allows attackers to manipulate the 'sidx' parameter in comments to extract sensitive database information. By leveraging time-based blind SQL injection techniques, attackers can gain access to user activation keys...

The Crystal Shard http-protection version 0.2.0 is susceptible to an IP spoofing vulnerability that enables attackers to manipulate request headers, specifically X-Forwarded-For, X-Client-IP, and X-Real-IP. By hardcoding uniform IP values across these headers, malicious actors can bypass essentia...

Navigate CMS 2.8.7 has a security flaw that allows attackers to carry out cross-site request forgery (CSRF) attacks. By exploiting this vulnerability, an attacker can deceive authenticated administrators into uploading malicious extensions via a crafted HTML page. The lack of sufficient validatio...

AirControl 1.4.2 features a pre-authentication remote code execution flaw that permits unauthenticated attackers to execute arbitrary system commands. By exploiting the /.seam endpoint, an attacker can inject malicious Java expressions through specially crafted URLs, allowing them to execute comm...

The Online-Exam-System 2015 features a time-based blind SQL injection vulnerability in its feedback form, particularly within the 'feed.php' endpoint. This flaw allows attackers to execute crafted malicious payloads that leverage time delays to systematically identify and extract user password ha...

Quick Player version 1.3 is susceptible to a buffer overflow vulnerability, which can be exploited by attackers through the manipulation of specially crafted .m3l files. By leveraging this flaw, an adversary can execute arbitrary code remotely after loading the malicious file within the applicati...

Quick Player version 1.3 is susceptible to a buffer overflow vulnerability, which can be exploited by attackers through the manipulation of specially crafted .m3l files. By leveraging this flaw, an adversary can execute arbitrary code remotely after loading the malicious file within the applicati...

The Sistem Informasi Pengumuman Kelulusan Online 1.0 is susceptible to a cross-site request forgery (CSRF) vulnerability, which allows attackers to create unauthorized administrative accounts through the 'tambahuser.php' endpoint. By crafting a malicious HTML form, an attacker can submit admin cr...

Frigate version 3.36.0.9 contains a local buffer overflow vulnerability that affects the Command Line input field. An attacker can exploit this vulnerability by sending a carefully crafted input sequence that overflows the buffer. This allows the attacker to bypass Data Execution Prevention (DEP)...

Quick Player version 1.3 is susceptible to a buffer overflow vulnerability, which can be exploited by attackers through the manipulation of specially crafted .m3l files. By leveraging this flaw, an adversary can execute arbitrary code remotely after loading the malicious file within the applicati...

OpenCTI version 3.3.1 is susceptible to a reflected cross-site scripting attack via the /graphql endpoint. This vulnerability allows an attacker to inject arbitrary JavaScript into the victim's browser by sending a specially crafted GET request. The exploitation of this vulnerability can lead to ...

The 10-Strike Bandwidth Monitor 3.9 is susceptible to a buffer overflow vulnerability that enables attackers to bypass critical security mechanisms such as SafeSEH, ASLR, and DEP. This weakness can be exploited via a specially crafted input directed at the application's registration key input. If...

Frigate Professional 3.36.0.9 is susceptible to a local buffer overflow vulnerability within its 'Find Computer' feature. This flaw allows attackers to exploit the computer name input field, crafting a malicious payload that triggers a buffer overflow. Successful exploitation can lead to unauthor...

A local buffer overflow vulnerability exists in Code Blocks 17.12, where attackers can exploit the file name input during project creation. By entering a specially crafted file name containing Unicode characters, an attacker may execute arbitrary code on the host machine. This exploitation can al...

Frigate 2.02 is susceptible to a denial of service vulnerability that allows malicious actors to crash the application. By sending oversized input—specifically a payload of 8000 repeated characters—through the command line interface, an attacker can effectively render the application non-function...

Code Blocks 20.03 is susceptible to a denial of service attack that can be exploited by sending a specially crafted input to the FSymbols search field. By pasting an excessive payload of 5000 repeated characters, an attacker can induce an application crash, disrupting normal functionality and wor...

The e-Learning PHP Script version 0.1.0 is susceptible to a SQL injection vulnerability found in its search functionality. This flaw enables attackers to execute arbitrary SQL commands through the 'search' parameter by manipulating unvalidated user input. Consequently, this can result in unauthor...

RM Downloader version 2.50.60 contains a vulnerability that allows local attackers to exploit a buffer overflow through the 'Load' parameter. This flaw permits the execution of arbitrary code, enabling adversaries to craft malicious payloads that can bypass memory protections. A successful attack...

Wing FTP Server version 6.3.8 is susceptible to a remote code execution vulnerability through its Lua-based web console. Authenticated users can exploit this flaw by sending POST requests containing malicious commands, which are executed on the server's operating system via the os.execute() funct...

The Infor Storefront B2B 1.0 software is susceptible to a SQL injection vulnerability through the 'usr_name' parameter during login requests. This flaw allows attackers to inject harmful SQL commands, which can lead to unauthorized access and potential modification or extraction of sensitive data...

HelloWeb 2.0 is prone to an arbitrary file download vulnerability that enables remote attackers to exploit manipulated filepath and filename parameters. By crafting specific GET requests aimed at the download.asp script, attackers can leverage directory traversal techniques to retrieve sensitive ...

The Simple Startup Manager version 1.17 has a local buffer overflow vulnerability that can be exploited by attackers. By crafting a specifically designed payload with just 268 bytes, attackers can manipulate the 'File' input parameter to overwrite memory. This vulnerability allows them to bypass ...

FTPDummy version 4.80 has a local buffer overflow vulnerability due to improper handling of preference files. An attacker can exploit this vulnerability by crafting a malicious preference file that contains specially defined shellcode. When processed by the FTPDummy application, this crafted file...

Sickbeard Alpha is susceptible to a remote command injection vulnerability that enables unauthenticated attackers to execute arbitrary commands. By manipulating the extra scripts configuration, attackers can insert malicious commands into the field, which, when processed, can lead to unauthorized...

The Socusoft Photo to Video Converter Professional 8.07 is susceptible to a local buffer overflow vulnerability in the 'Output Folder' input field. This flaw permits attackers to insert a specially crafted payload into the output folder field, leading to a stack-based buffer overflow and potentia...

Sickbeard version 0.1 is vulnerable to a cross-site request forgery flaw, enabling attackers to manipulate users into executing unwanted actions. By tricking users into submitting a malicious configuration form, the attackers can effectively clear the web application’s stored authentication crede...

Nidesoft DVD Ripper version 5.2.18 is susceptible to a local buffer overflow due to improper handling of user input in the License Code registration parameter. By injecting a specifically crafted payload into this field, attackers can exploit this vulnerability to achieve arbitrary code execution...

The Port Forwarding Wizard version 4.8.0 suffers from a buffer overflow vulnerability that can be exploited by local attackers. By sending a crafted long request via the Register feature, an attacker may manipulate the application's memory. This could lead to the execution of arbitrary code, allo...

Koken CMS version 0.22.24 is susceptible to a file upload vulnerability that enables authenticated attackers to circumvent file extension restrictions. By manipulating file upload requests—potentially using a web proxy—attackers can rename malicious PHP files, allowing for the execution of system...

Koken CMS version 0.22.24 is susceptible to a file upload vulnerability that enables authenticated attackers to circumvent file extension restrictions. By manipulating file upload requests—potentially using a web proxy—attackers can rename malicious PHP files, allowing for the execution of system...

NetPCLinker 1.0.0.0 is susceptible to a buffer overflow vulnerability found in the DNS/IP field within the Clients Control Panel. This flaw allows attackers to inject crafted malicious payloads into the input field, which can manipulate SEH (Structured Exception Handling) handlers, leading to arb...

A cross site scripting vulnerability exists in the web interface of the D-Link DSL-6641K version N8.TR069.20131126. This flaw, associated with the function ad_virtual_server_vdsl, can be exploited through manipulation of the 'Name' argument. An attacker could potentially initiate a remote attack,...

A significant use-after-free vulnerability has been identified in Apple’s iOS and macOS products, impacting versions prior to the latest updates. This flaw arises due to improper memory management, allowing maliciously crafted web content to trigger arbitrary code execution. Apple has acknowledge...

A vulnerability has been identified in the User Management component of SourceCodester Pet Grooming Management Software 1.0. This flaw lies in the manipulation of the argument 'group_id' within the /admin/operation/user.php file, leading to improper access controls. Attackers can exploit this vul...

A security vulnerability has been identified in the itsourcecode Student Management System version 1.0, specifically in the processing of inputs within the file /enrollment/index.php. This vulnerability allows an attacker to manipulate the argument ID, leading to SQL injection attacks. As a resul...

A security vulnerability has been discovered in Projectworlds' House Rental and Property Listing software version 1.0, specifically in the /app/sms.php file. This issue arises from improper handling of user-supplied input in the Message parameter, which can be exploited to execute arbitrary JavaS...

A deserialization vulnerability has been identified in bolo-solo versions up to 2.6.4, specifically within the importMarkdownsSync function located in the BackupService.java file of the SnakeYAML component. This vulnerability allows an attacker to craft malicious input that can be remotely proces...

A vulnerability has been identified in the Tenda HG10 router, specifically within the /boaform/formSysCmd file. This flaw allows remote attackers to inject arbitrary commands through the sysCmd argument. When exploited, this vulnerability could lead to unauthorized system command execution, posin...

A command injection vulnerability exists in the Tenda HG10 device's login interface, specifically within the checkUserFromLanOrWan function of the formLogin file. By manipulating the Host argument, an attacker can execute arbitrary commands on the device. This vulnerability can be exploited remot...

Atomic Alarm Clock 6.3 is vulnerable to a local privilege escalation flaw stemming from an unquoted service path configuration. This vulnerability enables attackers to install a rogue executable named 'Program.exe' within the service's path, thereby granting them system-level access. Exploiting t...

Popcorn Time 6.2.1.14 contains an unquoted service path vulnerability that could allow local non-privileged users to execute code with elevated system privileges. By placing malicious executables in the Program Files (x86) directory or system root, attackers may leverage this flaw to run harmful ...

The Andrea ST Filters Service version 1.0.64.7 is affected by an unquoted service path issue that can be exploited by local attackers. This vulnerability allows the execution of malicious code with elevated privileges during the startup of the service. If properly exploited, an attacker could gai...

The Outline Service version 1.3.3 contains a security flaw involving an unquoted service path. This vulnerability permits local users to exploit the unquoted binary path located in C:\Program Files (x86)\Outline, which could allow malicious code to be injected and executed with elevated privilege...

OpenZ ERP 3.6.60 is vulnerable to persistent cross-site scripting (XSS) within the Employee module. This vulnerability allows attackers to inject malicious scripts via POST requests to the name and description parameters. Successful exploitation can lead to session hijacking, which enables unauth...

Orchard Core RC1 is susceptible to a persistent cross-site scripting vulnerability that enables attackers to inject malicious scripts into blog posts. By exploiting this flaw, malicious actors can craft blog entries containing harmful JavaScript via the MarkdownBodyPart.Source parameter. When uns...

Tryton 5.4 is affected by a persistent cross-site scripting vulnerability that enables remote attackers to inject harmful scripts via the user profile name input. This vulnerability allows the execution of malicious payloads in both the frontend and backend user interfaces, posing significant ris...

The Sellacious eCommerce platform version 4.6 is susceptible to a persistent cross-site scripting (XSS) vulnerability within the Manage Your Addresses module. This security flaw enables attackers to inject malicious scripts through various input fields, including full name, company, and address. ...

The Forma.lms E-Learning Suite version 2.3.0.2 is susceptible to a persistent cross-site scripting vulnerability that enables attackers to inject harmful scripts into various fields, including course code, name, description, and email parameters. This flaw allows for the execution of arbitrary Ja...