Publicly Disclosed
PoC Exploits

🔴 Alway take caution when working with PoC Exploits 🔴

Discovered 2 days ago

PoC for CVE-2026-25050

VendurehqVendure2.7LOW
Timing Attack Vulnerability in Vendure Open-Source Commerce Platform

The Vendure open-source headless commerce platform has a vulnerability in the `NativeAuthenticationStrategy.authenticate()` method, which is susceptible to timing attacks. This flaw allows malicious actors to differentiate between valid and invalid usernames by exploiting the timing discrepancies...

PoC for CVE-2026-24061

GnuInetutils🟣 EPSS 30%9.8CRITICAL
Remote Authentication Bypass in GNU Inetutils Telnetd

The GNU Inetutils telnet daemon (telnetd) is vulnerable to a remote authentication bypass that can occur when an attacker manipulates the USER environment variable by specifying a '-f root' value. This flaw allows unauthorized users to gain access without proper authentication. Affected users sho...

PoC for CVE-2020-37079

Wing Ftp ServerWing Ftp Server5.1MEDIUM
Cross-Site Request Forgery Vulnerability in Wing FTP Server

Wing FTP Server versions prior to 6.2.7 are susceptible to a cross-site request forgery (CSRF) vulnerability within its web administration interface. This security flaw enables an attacker to create a malicious HTML page that triggers unintended actions, such as deleting administrative user accou...

PoC for CVE-2020-37170

RaimersoftTapinradio6.7MEDIUM
Denial of Service Vulnerability in TapinRadio by Raimersoft

In TapinRadio version 2.12.3, a denial of service vulnerability exists due to improper validation of the application proxy address configuration. Local attackers can exploit this weakness by injecting 3000 bytes of arbitrary data into the address field, which may lead to a crash of the applicatio...

PoC for CVE-2020-37171

RaimersoftTapinradio6.7MEDIUM
Denial of Service Vulnerability in TapinRadio by Raimersoft

The application TapinRadio 2.12.3 is vulnerable to a denial of service attack due to improper handling of the proxy username configuration. Local attackers may exploit this vulnerability by inputting 10,000 bytes of arbitrary data into the username field, leading to an application crash and disru...

PoC for CVE-2020-37165

Celestial SoftwareAbsolutetelnet6.7MEDIUM
Denial of Service Vulnerability in AbsoluteTelnet 11.12 by Celestia...

AbsoluteTelnet 11.12 is vulnerable to a denial of service attack that can be exploited by a local attacker. By supplying an oversized license name, specifically a payload of up to 2500 characters, an attacker can trigger an application crash, leading to service disruption. This vulnerability high...

PoC for CVE-2020-37166

Celestial SoftwareAbsolutetelnet6.9MEDIUM
Denial of Service Vulnerability in AbsoluteTelnet by Celestial Soft...

AbsoluteTelnet 11.12 is susceptible to a denial of service vulnerability in the SSH2 username input field. This flaw allows local attackers to exploit the application by overwriting the username field with a 1000-byte buffer, leading to application crashes and unresponsiveness. It is critical for...

PoC for CVE-2020-37164

Celestial SoftwareAbsolutetelnet6.7MEDIUM
Denial of Service In AbsoluteTelnet 11.12 Vulnerability

AbsoluteTelnet 11.12 is susceptible to a denial of service vulnerability, allowing local attackers to crash the application. By inputting an oversized license name, attackers can send a payload of up to 2500 characters into the license entry field, leading to application instability and crashes. ...

PoC for CVE-2020-37162

Wedding Slideshow...Wedding Slideshow Studio8.4HIGH
Buffer Overflow Vulnerability in Wedding Slideshow Studio by Weddin...

Wedding Slideshow Studio 1.36 contains a vulnerability that allows an attacker to exploit a buffer overflow via the registration key input. This can be achieved by crafting a malicious payload of 1608 bytes that targets the application's stack memory, enabling the execution of arbitrary code. The...

PoC for CVE-2020-37163

QuickdateQuickdate8.8HIGH
SQL Injection Vulnerability in QuickDate by QuickDate Script

QuickDate version 1.3.2 is susceptible to a SQL injection vulnerability that enables remote attackers to manipulate database queries through the '_located' parameter in the find_matches endpoint. This flaw permits the injection of UNION-based SQL queries, potentially giving attackers access to se...

PoC for CVE-2020-37160

VeridiumSprintwork8.5HIGH
Local Privilege Escalation in SprintWork by Veridium

SprintWork 2.3.1 presents multiple local privilege escalation vulnerabilities due to improper file, service, and folder permissions in Windows environments. Unprivileged local users can exploit these weaknesses, including missing executable files and misconfigured services, enabling them to creat...

PoC for CVE-2020-37159

ParallaxisCuckoo Clock8.4HIGH
Buffer Overflow in Parallaxis Cuckoo Clock 5.0 Affects Alarm Schedu...

Parallaxis Cuckoo Clock 5.0 contains a buffer overflow vulnerability in its alarm scheduling feature, which can be exploited by attackers to execute arbitrary code by manipulating memory registers. By crafting a payload larger than 260 bytes, an attacker can overwrite critical registers, such as ...

PoC for CVE-2020-37161

Wedding Slideshow...Wedding Slideshow Studio8.4HIGH
Buffer Overflow Vulnerability in Wedding Slideshow Studio by HighPeak

Wedding Slideshow Studio version 1.36 is susceptible to a buffer overflow vulnerability that enables attackers to execute arbitrary code. By manipulating the registration name field with specially crafted input, an attacker can overwrite critical memory locations, which could lead to unauthorized...

PoC for CVE-2020-37155

Core FtpCore Ftp Lite6.7MEDIUM
Buffer Overflow Vulnerability in Core FTP Lite by Core FTP

Core FTP Lite 1.3 is susceptible to a buffer overflow vulnerability in the username input field. By supplying an oversized payload, such as a 7000-byte string of repeated 'A' characters, attackers can exploit this flaw to crash the application. This vulnerability does not require any additional i...

PoC for CVE-2020-37157

DbpowerDbpower C300 Hd Camera8.7HIGH
Configuration Disclosure Vulnerability in DBPower C300 HD Camera

The DBPower C300 HD Camera is susceptible to a configuration disclosure vulnerability that enables unauthorized users to access sensitive information. The flaw arises from an exposed configuration backup endpoint that can be accessed without authentication. By targeting the /tmpfs/config_backup.b...

PoC for CVE-2020-37157

DbpowerDbpower C300 Hd Camera8.7HIGH
Configuration Disclosure Vulnerability in DBPower C300 HD Camera

The DBPower C300 HD Camera is susceptible to a configuration disclosure vulnerability that enables unauthorized users to access sensitive information. The flaw arises from an exposed configuration backup endpoint that can be accessed without authentication. By targeting the /tmpfs/config_backup.b...

PoC for CVE-2020-37154

Tripath ProjectElection7.1HIGH
Authenticated SQL Injection in eLection 2.0 by Tripath

eLection 2.0 contains an authenticated SQL injection vulnerability within its candidate management endpoint. By manipulating the 'id' parameter, attackers can execute arbitrary SQL commands, potentially resulting in unauthorized data access or alterations. This flaw can be exploited using tools l...

PoC for CVE-2020-37147

AtutorAtutor7HIGH
SQL Injection Vulnerability in ATutor by Modern Knowledge Solutions

ATutor version 2.2.4 features a SQL injection vulnerability that exists within the admin user deletion page. This flaw permits authenticated users to manipulate SQL queries via the 'id' parameter in the admin_delete.php script. Attackers can leverage this vulnerability to inject harmful SQL comma...

PoC for CVE-2020-37154

Tripath ProjectElection7.1HIGH
Authenticated SQL Injection in eLection 2.0 by Tripath

eLection 2.0 contains an authenticated SQL injection vulnerability within its candidate management endpoint. By manipulating the 'id' parameter, attackers can execute arbitrary SQL commands, potentially resulting in unauthorized data access or alterations. This flaw can be exploited using tools l...

PoC for CVE-2020-37141

Amss++Amss++8.8HIGH
SQL Injection Vulnerability in AMSS++ Mail Module by AMSS

The AMSS++ application version 4.31 contains a SQL injection vulnerability within the mail module's maildetail.php script. This vulnerability arises due to improper handling of the 'id' parameter, allowing attackers to craft malicious SQL queries. By exploiting this flaw, attackers could gain una...

PoC for CVE-2020-37146

Ace SecurityAptina Ar0130 960p 1.3...8.7HIGH
Configuration Disclosure Vulnerability in ACE Security WiP-90113 HD...

The ACE Security WiP-90113 HD Camera is affected by a configuration disclosure vulnerability that enables attackers, without authentication, to access sensitive configuration files. By exploiting an endpoint vulnerability, attackers can send a GET request to /config_backup.bin, which allows them ...

PoC for CVE-2020-37135

AmssplusAmss++9.3CRITICAL
Authentication Bypass in AMSS++ 4.7 by Vendor

AMSS++ 4.7 is vulnerable to an authentication bypass, enabling attackers to gain unauthorized access to administrative accounts by exploiting hardcoded credentials. Specifically, the default admin login details, ‘1234’ as both username and password, allow unauthorized users to access sensitive ad...

PoC for CVE-2020-37122

NsauditorFtp Password Recover6.7MEDIUM
Denial of Service Vulnerability in SpotFTP-FTP Password Recover by NSA

SpotFTP-FTP Password Recover version 2.4.8 is susceptible to a denial of service attack due to a buffer overflow vulnerability. Attackers can exploit this weakness by providing a specially crafted registration code comprising 1000 'Z' characters, leading the application to crash. This vulnerabili...

PoC for CVE-2020-37109

Asc Applied Softw...Asc Timetables6.7MEDIUM
Denial of Service Vulnerability in aSc TimeTables by aSc

aSc TimeTables 2020.11.4 is vulnerable to a Denial of Service attack that can be exploited by an attacker through the manipulation of the Subject title field. By inputting an excessively long 1000-character string into this field, the attacker can cause the application to crash, resulting in pote...

PoC for CVE-2020-37107

Core FtpCore Ftp Le6.7MEDIUM
Denial of Service Vulnerability in Core FTP LE by Core FTP

Core FTP LE 2.2 is susceptible to a denial of service attack that can render the application inoperable. By exploiting this vulnerability, an attacker can enter an excessively large buffer into the account field, causing the application to freeze and necessitate reinstallation to restore function...

PoC for CVE-2020-37106

BdtaskBusiness Live Chat Sof...5.1MEDIUM
Cross-Site Request Forgery Vulnerability in Business Live Chat Soft...

The Business Live Chat Software 1.0 is susceptible to a cross-site request forgery (CSRF) vulnerability that permits attackers to alter user account roles without the need for proper authentication. By crafting a malicious HTML form, an attacker can send a POST request to modify user privileges, ...

PoC for CVE-2020-37095

CyberoamCyberoam Authenticatio...8.4HIGH
Buffer Overflow Vulnerability in Cyberoam Authentication Client

The Cyberoam Authentication Client version 2.1.2.7 is susceptible to a buffer overflow vulnerability, enabling remote attackers to exploit the 'Cyberoam Server Address' input field. By crafting malicious input, attackers can overwrite memory associated with the Structured Exception Handler (SEH),...

PoC for CVE-2026-2070

Utt进取 520w8.7HIGH
Buffer Overflow Vulnerability in UTT 进取 520W Router Firmware

A buffer overflow vulnerability exists in the UTT 进取 520W router, specifically in the strcpy function located in the /goform/formPolicyRouteConf file. This flaw allows an attacker to manipulate the GroupName argument, potentially leading to unauthorized access and exploitation. The vulnerability ...

PoC for CVE-2026-2069

Ggml-orgLlama.cpp4.8MEDIUM
Stack-based Buffer Overflow in ggml-org Llama.cpp by ggml-org

A significant vulnerability has been identified in the ggml-org llama.cpp, specifically in the function llama_grammar_advance_stack found in the GBNF Grammar Handler component. This vulnerability allows an attacker to exploit a stack-based buffer overflow, necessitating local access for successfu...

PoC for CVE-2026-2068

Utt进取 520w8.7HIGH
Buffer Overflow Vulnerability in UTT 进取 520W by UTT

A vulnerability exists in the UTT 进取 520W version 1.7.7-180627 that allows an attacker to exploit the strcpy function in the /goform/formSyslogConf file. By manipulating the ServerIp argument, an attacker can trigger a buffer overflow, posing a significant risk of remote exploitation. This vulner...

PoC for CVE-2026-2067

Utt进取 520w8.7HIGH
Buffer Overflow Vulnerability in UTT 进取 520W Router

A security vulnerability has been identified in the UTT 进取 520W router with version 1.7.7-180627. This flaw specifically lies within the strcpy function in the /goform/formTimeGroupConfig file, where improper handling of the 'year1' argument leads to a buffer overflow. This vulnerability can be e...

PoC for CVE-2026-2066

Utt进取 520w8.7HIGH
Buffer Overflow Risk in UTT 进取 520W by UTT

A vulnerability has been found in the UTT 进取 520W device version 1.7.7-180627. The flaw resides in the strcpy function implemented in the /goform/formIpGroupConfig file. By manipulating the groupName argument, an attacker can trigger a buffer overflow, enabling a potential remote exploitation of ...

PoC for CVE-2026-25731

KovidgoyalCalibre7.8HIGH
Server-Side Template Injection in calibre E-book Manager by Kovid G...

The calibre e-book manager, developed by Kovid Goyal, is vulnerable to a Server-Side Template Injection (SSTI) issue in versions prior to 9.2.0. This flaw arises from its Templite templating engine, where users can execute arbitrary code by utilizing a malicious custom template file during ebook ...

PoC for CVE-2026-2065

Flycatcher ToysSmart Pixelator5.3MEDIUM
Bluetooth Low Energy Vulnerability in Flycatcher Toys smART Pixelat...

A significant security flaw has been identified in the Flycatcher Toys smART Pixelator 2.0 related to its Bluetooth Low Energy Interface. This vulnerability allows attackers on the local network to exploit functionalities that lack proper authentication measures. The potential for unauthorized ac...

PoC for CVE-2026-2064

PortabilisI-educar5.1MEDIUM
Cross Site Scripting Vulnerability in Portabilis i-Educar by Portab...

A cross site scripting vulnerability exists in Portabilis i-Educar versions up to 2.10, specifically in the User Data Page component located at /intranet/meusdadod.php. An attacker can exploit this vulnerability by manipulating file argument inputs, which allows for the execution of arbitrary scr...

PoC for CVE-2026-2063

D-linkDir-823x5.1MEDIUM
OS Command Injection Vulnerability in D-Link DIR-823X Web Managemen...

A significant security flaw has been identified in the D-Link DIR-823X router's web management interface, specifically within the /goform/set_ac_server file. This vulnerability allows attackers to manipulate the ac_server argument, leading to unauthorized OS command injection. Remote exploitation...

PoC for CVE-2026-2062

Open5GSOpen5gs6.9MEDIUM
Null Pointer Dereference in Open5GS PGW S5U Address Handler

A vulnerability identified in the Open5GS PGW S5U Address Handler can lead to a null pointer dereference through the functions sgwc_s5c_handle_modify_bearer_response and sgwc_sxa_handle_session_modification_response. This issue can be exploited remotely, potentially allowing attackers to cause a ...

PoC for CVE-2026-2061

D-linkDir-823x5.1MEDIUM
OS Command Injection Vulnerability in D-Link Router

The D-Link DIR-823X router contains a vulnerability within the function sub_424D20 located in the /goform/set_ipv6 file. This issue allows an attacker to perform OS command injection remotely, potentially compromising the device and the network it connects to. The exploit has been publicly disclo...

PoC for CVE-2026-2060

Code-projectsSimple Blood Donor Man...6.9MEDIUM
SQL Injection Vulnerability in Simple Blood Donor Management System...

An SQL injection vulnerability has been identified in the Simple Blood Donor Management System, specifically in the file /simpleblooddonor/editcampaignform.php. By manipulating the argument ID, an attacker can execute unauthorized SQL commands, potentially compromising the database. This vulnerab...

PoC for CVE-2026-2059

SourcecodesterMedical Center Portal ...6.9MEDIUM
SQL Injection Vulnerability in SourceCodester Medical Center Portal...

A SQL injection vulnerability was identified in the Medical Center Portal Management System 1.0, specifically within the emp_edit1.php file. This vulnerability arises from inadequacies in input validation, allowing attackers to manipulate the 'ID' argument remotely, leading to unauthorized access...

PoC for CVE-2019-25293

BluestacksBlue Stacks App Player8.5HIGH
Unquoted Service Path Vulnerability in BlueStacks App Player by Blu...

The BlueStacks App Player version 2.4.44.62.57 is susceptible to an unquoted service path vulnerability within the BstHdLogRotatorSvc service. This flaw allows local attackers to exploit the unquoted service path located in C:\Program Files (x86)\Bluestacks\HD-LogRotatorService.exe. By doing so, ...

PoC for CVE-2019-25305

InforprogramaJumpstart8.5HIGH
Unquoted Service Path Vulnerability in JumpStart by Infor

JumpStart 0.6.0.0 contains a significant security flaw due to an unquoted service path in the jswpbapi service, which operates with LocalSystem privileges. This vulnerability allows attackers to craft a path that injects and executes malicious code under elevated system permissions, potentially c...

PoC for CVE-2019-25304

IssivsIntelligent Security S...8.5HIGH
Unquoted Service Path Vulnerability in SecurOS Enterprise by Intell...

SecurOS Enterprise 10.2 by Intelligent Security System exposes an unquoted service path vulnerability in its SecurosCtrlService. This flaw enables local users to potentially execute arbitrary code with elevated privileges by exploiting the unquoted service path located in C:\Program Files (x86)\I...

PoC for CVE-2019-25303

ThejshenContentmanagementsystem7.1HIGH
SQL Injection Vulnerability in TheJshen Content Management System

TheJshen Content Management System version 1.04 is susceptible to an SQL injection vulnerability due to improper handling of the 'id' GET parameter. This flaw allows attackers to execute various SQL injection techniques, including boolean-based, time-based, and UNION-based methods, potentially co...

PoC for CVE-2019-25302

AcerLaunch Manager8.5HIGH
Unquoted Service Path Vulnerability in Acer Launch Manager

Acer Launch Manager version 6.1.7600.16385 has a vulnerability in the DsiWMIService that stems from an unquoted service path. This oversight allows local users to exploit the unquoted path located at C:\Program Files (x86)\Launch Manager\dsiwmis.exe, enabling them to execute arbitrary code with e...

PoC for CVE-2019-25301

ThrsrossiMillhouse Project5.1MEDIUM
Persistent Cross-Site Scripting in Millhouse-Project by Thrsrossi

The Millhouse-Project version 1.414 is susceptible to a persistent cross-site scripting (XSS) vulnerability, primarily found in the comment submission feature. This flaw enables attackers to inject malicious JavaScript code via the 'content' parameter in the add_comment_sql.php file. As a result,...

PoC for CVE-2019-25299

RimbalinuxAhadpos7.1HIGH
SQL Injection Vulnerability in RimbaLinux AhadPOS by RimbaLinux

RimbaLinux AhadPOS 1.11 is susceptible to SQL injection through the 'alamatCustomer' parameter. This vulnerability allows attackers to craft specific POST requests that can manipulate database queries. By leveraging time-based and boolean-based blind SQL injection techniques, attackers may extrac...

PoC for CVE-2019-25300

ThejshenGlobitek Cms7.1HIGH
SQL Injection Vulnerability in Globitek CMS by thejshen

The Globitek CMS version 1.4 developed by thejshen is susceptible to SQL injection via the 'id' GET parameter, allowing attackers to execute unauthorized database queries. This vulnerability enables the use of various techniques such as boolean-based, time-based, and UNION-based SQL injections, p...

PoC for CVE-2019-25294

Lolypop55Html5 Snmp5.1MEDIUM
Persistent Cross-Site Scripting in html5_snmp by LolyPop

html5_snmp version 1.11 is vulnerable to a persistent cross-site scripting (XSS) attack. This flaw allows attackers to inject malicious JavaScript through the 'Remark' parameter in the 'add_router_operation.php' file. By crafting a specific POST request containing a script payload in the Remark f...

PoC for CVE-2019-25298

Lolypop55Html5 Snmp7.1HIGH
SQL Injection Vulnerabilities in html5_snmp Product by LolyPop

The html5_snmp 1.11 product by LolyPop is susceptible to multiple SQL injection vulnerabilities that can be exploited via the Router_ID and Router_IP parameters. These vulnerabilities allow attackers to manipulate database queries using various techniques, including error-based, time-based, and u...