Publicly Disclosed
PoC Exploits

🔴 Alway take caution when working with PoC Exploits 🔴

Discovered 54 minutes ago

PoC for CVE-2025-32463

Sudo ProjectSudo9.3CRITICAL
Sudo Vulnerability in Chroot Mode Affects Local User Access

The Sudo software, prior to version 1.9.17p1, contains a vulnerability that enables local users to gain root access through improper handling of configuration files. Specifically, when the optional --chroot command is used, the software incorrectly processes the /etc/nsswitch.conf file from a use...

Discovered 2 hours ago

PoC for CVE-2025-27591

Meta Platforms, IncBelow6.8MEDIUM
Privilege Escalation Vulnerability in Below Service by Facebook

A privilege escalation vulnerability was identified in the Below service prior to version 0.9.0. This vulnerability arises from the creation of a world-writable directory located at /var/log/below. As a result, local unprivileged users can exploit this flaw through symlink attacks, potentially ma...

Discovered 3 hours ago

PoC for CVE-2025-5777

NetscalerAdc🟣 EPSS 17%9.3CRITICAL
Memory Overread Vulnerability in NetScaler Management Interface by ...

The vulnerability arises from inadequate input validation in the NetScaler Management Interface, potentially allowing attackers to exploit memory overread conditions. This could lead to unauthorized access or exposure of sensitive information within the NetScaler ADC and NetScaler Gateway product...

Discovered 4 hours ago

PoC for CVE-2025-34107

LabfWinaxe Ftp Client8.7HIGH
Buffer Overflow Vulnerability in WinaXe FTP Client by Developer Net...

A buffer overflow vulnerability in the WinaXe FTP Client version 7.7 occurs when the software processes an excessively long '220 Server Ready' response during FTP banner parsing. This flaw, found in the WCMDPA10.dll component, enables an attacker to execute arbitrary code, potentially compromisin...

PoC for CVE-2025-34107

LabfWinaxe Ftp Client8.7HIGH
Buffer Overflow Vulnerability in WinaXe FTP Client by Developer Net...

A buffer overflow vulnerability in the WinaXe FTP Client version 7.7 occurs when the software processes an excessively long '220 Server Ready' response during FTP banner parsing. This flaw, found in the WCMDPA10.dll component, enables an attacker to execute arbitrary code, potentially compromisin...

PoC for CVE-2025-34107

LabfWinaxe Ftp Client8.7HIGH
Buffer Overflow Vulnerability in WinaXe FTP Client by Developer Net...

A buffer overflow vulnerability in the WinaXe FTP Client version 7.7 occurs when the software processes an excessively long '220 Server Ready' response during FTP banner parsing. This flaw, found in the WCMDPA10.dll component, enables an attacker to execute arbitrary code, potentially compromisin...

PoC for CVE-2025-34103

Wepresent (barco)Wipg-10009.3CRITICAL
Unauthenticated Command Injection in WePresent WiPG-1000 Firmware

An unauthenticated command injection vulnerability exists in the WePresent WiPG-1000 firmware due to improper input handling in the undocumented /cgi-bin/rdfs.cgi endpoint. The vulnerable Client parameter is not properly sanitized before being passed to a system call, enabling an unauthenticated ...

PoC for CVE-2025-34103

Wepresent (barco)Wipg-10009.3CRITICAL
Unauthenticated Command Injection in WePresent WiPG-1000 Firmware

An unauthenticated command injection vulnerability exists in the WePresent WiPG-1000 firmware due to improper input handling in the undocumented /cgi-bin/rdfs.cgi endpoint. The vulnerable Client parameter is not properly sanitized before being passed to a system call, enabling an unauthenticated ...

PoC for CVE-2025-34111

Tiki Software Com...Wiki Cms Groupware9.3CRITICAL
Unauthenticated File Upload Vulnerability in Tiki Wiki CMS Groupware

An unauthenticated arbitrary file upload vulnerability exists in Tiki Wiki CMS Groupware, specifically in versions up to 15.1, through the ELFinder component's default connector. This flaw allows remote attackers to upload and execute malicious PHP scripts on the server. The vulnerability stems f...

PoC for CVE-2025-34111

Tiki Software Com...Wiki Cms Groupware9.3CRITICAL
Unauthenticated File Upload Vulnerability in Tiki Wiki CMS Groupware

An unauthenticated arbitrary file upload vulnerability exists in Tiki Wiki CMS Groupware, specifically in versions up to 15.1, through the ELFinder component's default connector. This flaw allows remote attackers to upload and execute malicious PHP scripts on the server. The vulnerability stems f...

PoC for CVE-2025-34113

Tiki Software Com...Wiki Cms Groupware8.7HIGH
Authenticated Command Injection Vulnerability in Tiki Wiki CMS by T...

An authenticated command injection vulnerability exists in Tiki Wiki CMS that allows attackers to execute arbitrary PHP code via the `viewmode` GET parameter in `tiki-calendar.php` when the calendar module is active. This issue arises when an authenticated user with appropriate permissions access...

PoC for CVE-2025-34113

Tiki Software Com...Wiki Cms Groupware8.7HIGH
Authenticated Command Injection Vulnerability in Tiki Wiki CMS by T...

An authenticated command injection vulnerability exists in Tiki Wiki CMS that allows attackers to execute arbitrary PHP code via the `viewmode` GET parameter in `tiki-calendar.php` when the calendar module is active. This issue arises when an authenticated user with appropriate permissions access...

PoC for CVE-2025-34112

Riverbed TechnologySteelcentral Netexpress10CRITICAL
Remote Code Execution Vulnerability in Riverbed SteelCentral NetPro...

An authenticated multi-stage vulnerability affects Riverbed SteelCentral NetProfiler and NetExpress virtual appliances. It begins with a SQL injection in the '/api/common/1.0/login' endpoint, allowing attackers to create unauthorized user accounts in the appliance database. This unauthorized user...

PoC for CVE-2025-34112

Riverbed TechnologySteelcentral Netexpress10CRITICAL
Remote Code Execution Vulnerability in Riverbed SteelCentral NetPro...

An authenticated multi-stage vulnerability affects Riverbed SteelCentral NetProfiler and NetExpress virtual appliances. It begins with a SQL injection in the '/api/common/1.0/login' endpoint, allowing attackers to create unauthorized user accounts in the appliance database. This unauthorized user...

PoC for CVE-2025-34104

Piwik (now Matomo)Web Analytics Platform9.4CRITICAL
Remote Code Execution Vulnerability in Matomo by Influx of Maliciou...

An authenticated remote code execution vulnerability allows users with Superuser privileges to upload and activate malicious plugins in Matomo versions before 3.0.3. This enables arbitrary PHP code execution on the host system due to the inadequate validation of uploaded ZIP archives. As a precau...

PoC for CVE-2025-34106

BurnawarePDF Shaper8.4HIGH
Buffer Overflow Vulnerability in PDF Shaper from PDF Shaper

A buffer overflow vulnerability has been identified in PDF Shaper versions 3.5 and 3.6. This flaw occurs when users utilize the 'Convert PDF to Image' feature with specially crafted PDF files. Through social engineering tactics, an attacker can trick users into opening such files, potentially all...

PoC for CVE-2025-34106

BurnawarePDF Shaper8.4HIGH
Buffer Overflow Vulnerability in PDF Shaper from PDF Shaper

A buffer overflow vulnerability has been identified in PDF Shaper versions 3.5 and 3.6. This flaw occurs when users utilize the 'Convert PDF to Image' feature with specially crafted PDF files. Through social engineering tactics, an attacker can trick users into opening such files, potentially all...

PoC for CVE-2025-34109

Panda SecurityPanda Global Protectio...8.5HIGH
Privilege Escalation Vulnerability in Panda Security Products

The PSEvents.exe component in several Panda Security applications operates with elevated SYSTEM privileges and is susceptible to loading DLL files from directories that can be modified by users. This vulnerability allows attackers with limited access to exploit the situation by placing malicious ...

PoC for CVE-2025-34109

Panda SecurityPanda Global Protectio...8.5HIGH
Privilege Escalation Vulnerability in Panda Security Products

The PSEvents.exe component in several Panda Security applications operates with elevated SYSTEM privileges and is susceptible to loading DLL files from directories that can be modified by users. This vulnerability allows attackers with limited access to exploit the situation by placing malicious ...

PoC for CVE-2025-34115

Itrs GroupOp5 Monitor8.7HIGH
Authenticated Command Injection in OP5 Monitor by OP5

An authenticated command injection flaw exists in OP5 Monitor through version 7.1.9. This vulnerability arises from improper handling of the 'cmd_str' parameter in the command_test.php endpoint, allowing a user with valid access to the web interface to leverage the 'Test this command' feature to ...

PoC for CVE-2025-34115

Itrs GroupOp5 Monitor8.7HIGH
Authenticated Command Injection in OP5 Monitor by OP5

An authenticated command injection flaw exists in OP5 Monitor through version 7.1.9. This vulnerability arises from improper handling of the 'cmd_str' parameter in the command_test.php endpoint, allowing a user with valid access to the web interface to leverage the 'Test this command' feature to ...

PoC for CVE-2025-34116

Ipfire ProjectIpfire8.7HIGH
Remote Command Execution Vulnerability in IPFire by IPFire

A remote command execution vulnerability exists in IPFire prior to version 2.19 Core Update 101. This security flaw allows authenticated attackers to inject arbitrary shell commands through crafted inputs in the NCSA user creation form fields accessed via the 'proxy.cgi' CGI interface. Successful...

PoC for CVE-2025-34116

Ipfire ProjectIpfire8.7HIGH
Remote Command Execution Vulnerability in IPFire by IPFire

A remote command execution vulnerability exists in IPFire prior to version 2.19 Core Update 101. This security flaw allows authenticated attackers to inject arbitrary shell commands through crafted inputs in the NCSA user creation form fields accessed via the 'proxy.cgi' CGI interface. Successful...

PoC for CVE-2025-34116

Ipfire ProjectIpfire8.7HIGH
Remote Command Execution Vulnerability in IPFire by IPFire

A remote command execution vulnerability exists in IPFire prior to version 2.19 Core Update 101. This security flaw allows authenticated attackers to inject arbitrary shell commands through crafted inputs in the NCSA user creation form fields accessed via the 'proxy.cgi' CGI interface. Successful...

PoC for CVE-2025-34105

FleXen ProjectseDiskboss Enterprise10CRITICAL
Stack-based Buffer Overflow in DiskBoss Enterprise by Flexense

A stack-based buffer overflow vulnerability is present in the built-in web interface of DiskBoss Enterprise. This issue stems from insufficient bounds checking on the URI component of HTTP GET requests. An attacker can exploit this vulnerability by crafting an unusually long URI that may lead to ...

PoC for CVE-2025-34105

FleXen ProjectseDiskboss Enterprise10CRITICAL
Stack-based Buffer Overflow in DiskBoss Enterprise by Flexense

A stack-based buffer overflow vulnerability is present in the built-in web interface of DiskBoss Enterprise. This issue stems from insufficient bounds checking on the URI component of HTTP GET requests. An attacker can exploit this vulnerability by crafting an unusually long URI that may lead to ...

PoC for CVE-2025-34105

FleXen ProjectseDiskboss Enterprise10CRITICAL
Stack-based Buffer Overflow in DiskBoss Enterprise by Flexense

A stack-based buffer overflow vulnerability is present in the built-in web interface of DiskBoss Enterprise. This issue stems from insufficient bounds checking on the URI component of HTTP GET requests. An attacker can exploit this vulnerability by crafting an unusually long URI that may lead to ...

PoC for CVE-2025-34108

Falconstor SoftwareDisk Pulse Enterprise8.6HIGH
Stack-Based Buffer Overflow in Disk Pulse Enterprise by Disk Pulse

A stack-based buffer overflow vulnerability exists in the login functionality of Disk Pulse Enterprise version 9.0.34. An attacker could exploit this flaw by sending a specially crafted HTTP POST request to the /login endpoint, containing an excessively long username parameter which triggers the ...

PoC for CVE-2025-34108

Falconstor SoftwareDisk Pulse Enterprise8.6HIGH
Stack-Based Buffer Overflow in Disk Pulse Enterprise by Disk Pulse

A stack-based buffer overflow vulnerability exists in the login functionality of Disk Pulse Enterprise version 9.0.34. An attacker could exploit this flaw by sending a specially crafted HTTP POST request to the /login endpoint, containing an excessively long username parameter which triggers the ...

PoC for CVE-2025-34110

ColoradoftpServer9.3CRITICAL
Directory Traversal Vulnerability in ColoradoFTP Server for Windows

A directory traversal vulnerability in ColoradoFTP Server for Windows allows unauthenticated users to access and manipulate files outside the designated FTP root directory. This flaw arises from inadequate validation of user-supplied file paths during FTP GET and PUT operations. By exploiting thi...

PoC for CVE-2025-34110

ColoradoftpServer9.3CRITICAL
Directory Traversal Vulnerability in ColoradoFTP Server for Windows

A directory traversal vulnerability in ColoradoFTP Server for Windows allows unauthenticated users to access and manipulate files outside the designated FTP root directory. This flaw arises from inadequate validation of user-supplied file paths during FTP GET and PUT operations. By exploiting thi...

Discovered 13 hours ago

PoC for CVE-2025-29927

VercelNext.js🟣 EPSS 94%9.1CRITICAL
Authorization Bypass in Next.js Framework by Vercel

A security flaw exists in the Next.js framework that allows an attacker to bypass authorization checks if such checks are implemented in middleware. This vulnerability arises in versions prior to 14.2.25 and 15.2.3. To mitigate risk, it is recommended to restrict incoming requests that include th...

Discovered 14 hours ago

PoC for CVE-2025-29927

VercelNext.js🟣 EPSS 94%9.1CRITICAL
Authorization Bypass in Next.js Framework by Vercel

A security flaw exists in the Next.js framework that allows an attacker to bypass authorization checks if such checks are implemented in middleware. This vulnerability arises in versions prior to 14.2.25 and 15.2.3. To mitigate risk, it is recommended to restrict incoming requests that include th...

Discovered 23 hours ago

PoC for CVE-2025-7628

YijiusmileKkfileviewofficeedit5.3MEDIUM
Path Traversal Vulnerability in YiJiuSmile kkFileViewOfficeEdit

A path traversal vulnerability exists in YiJiuSmile's kkFileViewOfficeEdit, affecting the deleteFile function located in the /deleteFile endpoint. An attacker can exploit this vulnerability by manipulating the fileName argument, enabling unauthorized access to sensitive files on the server. This ...

PoC for CVE-2025-7627

YijiusmileKkfileviewofficeedit5.3MEDIUM
Unrestricted File Upload in YiJiuSmile kkFileViewOfficeEdit

A security flaw has been identified in YiJiuSmile's kkFileViewOfficeEdit product, specifically within the 'fileUpload' function. This vulnerability allows remote attackers to upload malicious files without proper restrictions, potentially leading to harmful exploits. The software employs a rollin...

Discovered 1 day ago

PoC for CVE-2025-7626

YijiusmileKkfileviewofficeedit5.3MEDIUM
Path Traversal Vulnerability in YiJiuSmile kkFileViewOfficeEdit Pro...

A path traversal vulnerability exists in the YiJiuSmile kkFileViewOfficeEdit product's onlinePreview function. This issue arises from inadequate input validation in the argument 'url', allowing remote attackers to manipulate file paths and potentially access sensitive files on the server. The vul...

PoC for CVE-2025-7625

YijiusmileKkfileviewofficeedit5.3MEDIUM
Path Traversal Vulnerability in YiJiuSmile kkFileViewOfficeEdit Pro...

A path traversal vulnerability exists in the YiJiuSmile kkFileViewOfficeEdit application, specifically affecting the download function. By manipulating the 'url' argument in the /download endpoint, an attacker could potentially access files outside the intended directory, leading to exposure of s...

PoC for CVE-2025-27415

NuxtNuxt7.5HIGH
Cache Poisoning Vulnerability in Nuxt Framework by Nuxt Team

The Nuxt framework, an open-source tool designed for building Vue.js applications, has a vulnerability that allows for cache poisoning. This issue arises when a specially crafted HTTP request is sent to a server using a CDN. If the CDN improperly caches responses, it can serve poisoned data to su...

PoC for CVE-2025-7616

Gmg137Snap7-rs5.1MEDIUM
Memory Corruption Vulnerability in gmg137 Snap7-rs by gmg137

A vulnerability has been identified in the gmg137 Snap7-rs product, specifically within the Public API's pthread_cond_destroy function. This flaw allows for potential memory corruption, which can be exploited by malicious actors. Public disclosures of this exploit highlight its significance, emph...

PoC for CVE-2025-7615

TotolinkT65.3MEDIUM
Command Injection Vulnerability in TOTOLINK T6 by TOTOLINK

A command injection vulnerability exists in the TOTOLINK T6 version 4.1.5cu.748, specifically within the HTTP POST Request Handler. The issue arises from improper handling of the 'ip' argument in the function clearPairCfg in the file /cgi-bin/cstecgi.cgi. This vulnerability enables an attacker to...

PoC for CVE-2025-7614

TotolinkT65.3MEDIUM
Command Injection Vulnerability in TOTOLINK T6 Product

A command injection vulnerability exists in the TOTOLINK T6 product, specifically within the delDevice function in the cgi-bin/cstecgi.cgi file. An attacker can exploit this weakness by manipulating the ipAddr argument through crafted HTTP POST requests, allowing for remote command execution. The...

PoC for CVE-2025-7613

TotolinkT65.3MEDIUM
Command Injection Vulnerability in TOTOLINK T6 Product

A command injection vulnerability exists in the TOTOLINK T6 router's HTTP POST Request Handler, specifically within the CloudSrvVersionCheck function. An unauthorized attacker can exploit this vulnerability by manipulating the 'ip' argument in the /cgi-bin/cstecgi.cgi file. This allows for arbitr...

PoC for CVE-2025-7612

Code-projectsMobile Shop6.9MEDIUM
SQL Injection Vulnerability in Code-Projects Mobile Shop

A vulnerability exists in the code of Code-Projects Mobile Shop version 1.0, where an erroneous handling of the 'email' argument in the /login.php file allows for SQL injection. This vulnerability can be exploited remotely, potentially granting unauthorized access to sensitive data. Public disclo...

PoC for CVE-2025-7611

Code-projectsWedding Reservation6.9MEDIUM
SQL Injection Vulnerability in Wedding Reservation by Code-Projects

A SQL injection vulnerability has been identified in the Wedding Reservation application version 1.0 developed by Code-Projects. This flaw resides in the /global.php file, where improper handling of the 'lu' argument allows an attacker to manipulate database queries. The exploitation of this vuln...

PoC for CVE-2025-7610

Code-projectsElectricity Billing Sy...6.9MEDIUM
SQL Injection Vulnerability in Electricity Billing System by Code-P...

A serious SQL injection vulnerability has been identified in the Electricity Billing System by Code-Projects, specifically within the file /user/change_password.php. This flaw exists due to insufficient validation of the user-supplied input in the new_password parameter. Attackers can exploit thi...

PoC for CVE-2025-7609

Code-projectsSimple Shopping Cart6.9MEDIUM
SQL Injection Vulnerability in Simple Shopping Cart by Code-Projects

An SQL injection vulnerability has been discovered in the Simple Shopping Cart version 1.0. The issue resides in the processing of user input within the register.php file, specifically the ruser_email parameter. An attacker can exploit this flaw to execute arbitrary SQL queries, potentially leadi...

PoC for CVE-2025-7608

Code-projectsSimple Shopping Cart6.9MEDIUM
SQL Injection Vulnerability in Simple Shopping Cart by Code-Projects

A SQL injection vulnerability exists in the Simple Shopping Cart 1.0 application, specifically within the /userlogin.php file. This flaw allows an attacker to manipulate the 'user_email' argument, which can lead to unauthorized access and data exposure. The exploit can be initiated remotely, ampl...

PoC for CVE-2025-7607

Code-projectsSimple Shopping Cart6.9MEDIUM
SQL Injection Vulnerability in Code-Projects Simple Shopping Cart S...

A security flaw has been identified in the Code-Projects Simple Shopping Cart version 1.0, where improper handling of the argument 'order_price' in the '/Customers/save_order.php' file allows for SQL injection attacks. This vulnerability can be exploited remotely, enabling attackers to manipulate...

PoC for CVE-2025-7606

Code-projectsAvl Rooms6.9MEDIUM
SQL Injection Vulnerability in AVL Rooms by Code-Projects

A serious SQL injection vulnerability has been identified in AVL Rooms 1.0, specifically in the handling of the 'city' parameter within the /city.php file. This flaw allows an attacker to manipulate SQL queries through crafted inputs, leading to unauthorized access to the database. The issue can ...

PoC for CVE-2025-7605

Code-projectsAvl Rooms6.9MEDIUM
SQL Injection Vulnerability in Code-Projects AVL Rooms 1.0

A security vulnerability exists in Code-Projects AVL Rooms 1.0 within the /profile.php file due to improper handling of the first_name parameter, which allows for SQL injection attacks. This vulnerability can be exploited remotely by attackers, enabling them to manipulate database queries and pot...