Publicly Disclosed
PoC Exploits
🔴 Always take caution when working with PoC Exploits 🔴
Discovered 10 hours ago
PoC for CVE-2025-12030
The ACF to REST API plugin for WordPress is susceptible to Insecure Direct Object Reference, enabling attackers with Contributor-level access and above to manipulate ACF fields for posts they do not own. This security issue stems from inadequate capability checks within the update_item_permission...
PoC for CVE-2025-14719
The Relevanssi plugin, including its premium version, prior to specified updates, fails to properly sanitize and escape user-supplied parameters in SQL statements. This flaw can be exploited by users with contributor roles or higher, allowing them to execute arbitrary SQL queries, potentially com...
PoC for CVE-2025-14804
The Frontend File Manager Plugin for WordPress prior to version 23.5 is susceptible to a path traversal vulnerability. This issue arises from inadequate validation of a path parameter and the ownership of files. As a result, any authenticated user, including those with subscriber-level access, ma...
Discovered 11 hours ago
PoC for CVE-2025-55182
A remote code execution vulnerability found in React Server Components allows attackers to exploit improperly handled payloads. This issue affects versions 19.0.0 through 19.2.0, compromising server function endpoints through unsafe deserialization of HTTP request payloads. As a result, this flaw...
Discovered 12 hours ago
PoC for CVE-2025-15474
The AuntyFey Smart Combination Lock firmware versions up to December 24, 2025, are susceptible to an exploit that enables an unauthenticated attacker within Bluetooth Low Energy (BLE) proximity to initiate an overwhelming number of BLE connection attempts. This barrage of connection requests can ...
PoC for CVE-2025-9611
The Microsoft Playwright MCP Server, prior to version 0.0.40, is susceptible to a DNS rebinding vulnerability due to inadequate validation of the Origin header in incoming connections. This flaw could allow attackers to exploit a victim's web browser to send unauthorized requests, potentially cau...
PoC for CVE-2025-14847
The vulnerability arises from mismatched length fields in Zlib compressed protocol headers within MongoDB Server, potentially allowing an unauthenticated client to access uninitialized heap memory. This could lead to unauthorized information exposure, affecting versions of MongoDB Server across m...
Discovered 18 hours ago
PoC for CVE-2025-15472
A vulnerability exists in the TRENDnet TEW-811DRU router that allows for OS command injection through the manipulation of the setDeviceURL function in the uapply.cgi file. This flaw provides remote attackers the capability to execute arbitrary commands on the affected device, potentially compromi...
Discovered 19 hours ago
PoC for CVE-2025-15471
A security vulnerability exists in TRENDnet TEW-713RE version 1.02, specifically in the '/goformX/formFSrvX' file. This unknown function allows an attacker to manipulate the 'SZCMD' argument, leading to the possibility of remote OS command injection. The exploit methodology is now publicly availa...
Discovered 1 day ago
PoC for CVE-2020-36917
The iDS6 DSSPro Digital Signage System version 6.2 is susceptible to a sensitive information disclosure flaw. This vulnerability enables remote attackers to intercept essential authentication credentials transmitted in cleartext through cookies. By exploiting the autoSave feature, attackers can c...
PoC for CVE-2020-36914
The QiHang Media Web Digital Signage version 3.0.9 is affected by a vulnerability that allows remote attackers to intercept user authentication credentials. This exploitation results from cleartext cookie transmission, which can facilitate man-in-the-middle attacks, enabling attackers to capture ...
PoC for CVE-2020-36925
The Arteco Web Client DVR/NVR is susceptible to a session hijacking vulnerability, which arises from insufficient complexity in session IDs. This flaw permits remote attackers to conduct brute force attacks within a specific numeric range, enabling them to guess valid session IDs. Once compromise...
PoC for CVE-2020-36924
The Sony BRAVIA Digital Signage version 1.7.8 exhibits a significant vulnerability related to remote file inclusion. This flaw allows unauthorized users to inject arbitrary client-side scripts via the content material URL parameter. By exploiting this vulnerability, attackers can potentially hija...
PoC for CVE-2020-36922
The Sony BRAVIA Digital Signage version 1.7.8 has a vulnerability that enables unauthenticated attackers to exploit exposed API endpoints. This flaw allows unauthorized access to sensitive system details, including but not limited to network interface information, server configurations, and cruci...
PoC for CVE-2020-36923
Sony BRAVIA Digital Signage version 1.7.8 is susceptible to an insecure direct object reference issue, which permits attackers to circumvent authorization controls. This vulnerability can be exploited to gain unauthorized access to hidden system resources, including the '/#/content-creation' path...
PoC for CVE-2020-36920
The iDS6 DSSPro Digital Signage System version 6.2 is susceptible to an improper access control vulnerability, allowing authenticated users to elevate their privileges. By exploiting insecure direct object references through console JavaScript functions, attackers can gain the ability to create n...
PoC for CVE-2020-36921
The RED-V Super Digital Signage System version 5.1.1 is susceptible to an information disclosure vulnerability that permits unauthenticated attackers to access sensitive webserver log files. By exploiting this flaw, attackers can navigate various endpoints to extract critical system resources and...
PoC for CVE-2020-36918
The iDS6 DSSPro Digital Signage System version 6.2 is susceptible to a cross-site request forgery (CSRF) issue that permits attackers to execute administrative functions without proper request validation. This vulnerability arises from insufficient CSRF protections, which allows malicious actors ...
PoC for CVE-2020-36916
The TDM Digital Signage PC Player version 4.1.0.4 contains a vulnerability that permits authenticated users to modify executable files due to improper permissions. This flaw can be exploited by attackers who, after gaining access to an account, can replace legitimate executables with malicious bi...
PoC for CVE-2020-36915
Adtec Digital SignEdje Digital Signage Player v2.08.28 is vulnerable due to multiple hardcoded default credentials. This design flaw enables unauthenticated remote access to the web, telnet, and SSH interfaces. Malicious actors can exploit these hardcoded credentials to gain root-level access, po...
PoC for CVE-2020-36912
The Plexus anblick Digital Signage Management version 3.1.13 contains a significant open redirect vulnerability within the 'PantallaLogin' script. This flaw arises from inadequate validation of the 'pagina' GET parameter, enabling attackers to forge malicious links. Such manipulation can redirect...
PoC for CVE-2020-36913
The enlogic:show version 2.0.2 from All-Dynamics Software is susceptible to a session fixation vulnerability. This issue allows attackers to manipulate the PHP session identifier during the user login process. By sending specially crafted HTTP GET requests to welcome.php with a custom session tok...
PoC for CVE-2020-36909
The SnapGear Management Console SG560 version 3.1.5 is affected by a file manipulation vulnerability that permits authenticated users to perform unauthorized actions such as reading, writing, and deleting files. This vulnerability arises from flaws in the edit_config_files CGI script, which can b...
PoC for CVE-2020-36910
Cayin Signage Media Player 3.0 is susceptible to an authenticated remote command injection vulnerability impacting the system.cgi and wizard_system.cgi pages. This flaw allows attackers to exploit the 'NTP_Server_IP' parameter while using default credentials, enabling them to execute arbitrary sh...
PoC for CVE-2020-36907
Aerohive HiveOS contains a vulnerability in its NetConfig UI that could allow unauthenticated attackers to disrupt service. By sending a specially crafted HTTP request to the action.php5 script with specific parameters, an attacker can render the web interface unusable, causing service disruption...
PoC for CVE-2020-36908
The SnapGear Management Console SG560 version 3.1.5 is vulnerable to a cross-site request forgery (CSRF) flaw that enables attackers to execute unauthorized administrative actions without user consent. By crafting a malicious web page, an attacker can trick a legitimate user into submitting a for...
PoC for CVE-2020-36905
The FIBARO System Home Center 5.021 is impacted by a remote file inclusion vulnerability due to an undocumented proxy API. This issue enables attackers to exploit the 'url' GET parameter, allowing them to inject arbitrary client-side scripts. By leveraging this vulnerability, attackers can includ...
PoC for CVE-2020-36906
The P5 FNIP-8x16A FNIP-4xSH version 1.0.20 is vulnerable to cross-site request forgery (CSRF), which allows attackers to execute unauthorized administrative actions. By deceiving a logged-in user into accessing a malicious webpage, an attacker can manipulate the victim's session to create new adm...
PoC for CVE-2025-43529
A significant use-after-free vulnerability has been identified in Apple’s iOS and macOS products, impacting versions prior to the latest updates. This flaw arises due to improper memory management, allowing maliciously crafted web content to trigger arbitrary code execution. Apple has acknowledge...
Discovered 2 days ago
PoC for CVE-2025-68926
The RustFS object storage system, prior to version 1.0.0-alpha.77, suffers from a significant authentication vulnerability due to the use of a hardcoded static token, 'rustfs rpc'. This token is exposed in the source code and is non-configurable, meaning it cannot be altered or rotated. As a resu...