Publicly Disclosed
PoC Exploits
🔴 Always take caution when working with PoC Exploits 🔴
Discovered just now...
PoC for CVE-2026-3494
In versions of the MariaDB server up to 11.8.5, a significant issue arises when the server audit plugin is activated with specific filtering settings for DCL, DDL, or DML queries. Authenticated database users can execute SQL statements that bypass the intended audit logs by using comments prefixe...
Discovered 33 minutes ago
PoC for CVE-2026-31431
A vulnerability has been identified in the Linux kernel's crypto subsystem, specifically within the algif_aead component. This issue arises from an unnecessary complexity in operating in-place, which has been reverted for improved security and performance. The change eliminates the need for in-pl...
Discovered 2 hours ago
PoC for CVE-2026-7690
A command injection vulnerability exists in the Wavlink WL-WN570HA1 router's set_sys_adm function within the /cgi-bin/adm.cgi file. This flaw arises from improper handling of the Username argument, making the device susceptible to remote attacks. The exploit has been publicly disclosed, and users...
Discovered 3 hours ago
PoC for CVE-2026-7689
A significant security flaw has been identified in Dolibarr ERP CRM, specifically within the Online Signature Module. The issue resides in the function dol_verifyHash located in the library htdocs/core/lib/security.lib.php. This flaw leads to inadequate verification of cryptographic signatures, w...
PoC for CVE-2026-7687
A command injection vulnerability exists in the Langflow product by Langflow-ai, specifically within the CodeParser.parse_callable_details function in the code_parser.py file. This vulnerability affects versions up to 1.8.4, allowing remote attackers to execute arbitrary commands through crafted ...
Discovered 5 hours ago
PoC for CVE-2026-7686
A vulnerability exists in the Eyeo Adblock Plus Chrome extension, specifically within the postMessage function of the premium.preload.js file related to the Legacy Premium Activation component. This flaw allows for improper access control, potentially enabling remote exploitation. Although the ex...
PoC for CVE-2026-31431
A vulnerability has been identified in the Linux kernel's crypto subsystem, specifically within the algif_aead component. This issue arises from an unnecessary complexity in operating in-place, which has been reverted for improved security and performance. The change eliminates the need for in-pl...
PoC for CVE-2026-7685
A vulnerability exists in the Edimax BR-6208AC router affecting versions up to 1.02, specifically within the /goform/setWAN function. Manipulation of the pptpDfGateway argument can trigger a buffer overflow, which may be exploited remotely. This exploit is publicly known and poses a significant t...
PoC for CVE-2026-41940
The affected versions of cPanel and WHM contain a serious authentication bypass flaw in the login flow. This vulnerability enables unauthenticated remote attackers to bypass authentication mechanisms, allowing them to gain unauthorized access to the control panel. Users of the specified versions ...
Discovered 6 hours ago
PoC for CVE-2026-7683
A security weakness is present in the Edimax BR-6428nC, affecting the web interface component. This vulnerability arises due to improper handling of user input in the /goform/setWAN function, specifically with the parameters pppUserName and pptpUserName. An attacker can exploit this flaw remotely...
PoC for CVE-2026-7682
A security flaw exists in the Edimax BR-6208AC version 1.02, specifically within the setWAN function used in L2TP Mode. The vulnerability arises from improper handling of the L2TPUserName argument, allowing attackers to inject commands remotely. As this flaw can be exploited from outside the netw...
PoC for CVE-2026-5337
Authenticated attackers with Subscriber-level access or higher can exploit an Insecure Direct Object Reference in the Frontend File Manager Plugin for WordPress. This vulnerability arises from inadequate user authorization validation for file download requests. By manipulating the 'file_id' param...
Discovered 8 hours ago
PoC for CVE-2026-41940
The affected versions of cPanel and WHM contain a serious authentication bypass flaw in the login flow. This vulnerability enables unauthenticated remote attackers to bypass authentication mechanisms, allowing them to gain unauthorized access to the control panel. Users of the specified versions ...
PoC for CVE-2026-7679
A security flaw has been discovered in YunaiV's yudao-cloud that affects the getAccessToken function within the OAuth2TokenServiceImpl.java located at yudao-module-system-biz/src/main/java/io/github/ruoyi/common/oauth2/service/impl. This vulnerability allows for improper authentication, which can...
PoC for CVE-2026-7678
A SQL injection vulnerability exists in the YunaiV yudao-cloud product, particularly within the getDataBySQL function located in 'yudao-module-report-biz/src/main/java/io/github/ruoyi/report/service/impl/GoViewDataServiceImpl.java'. This vulnerability allows an attacker to manipulate SQL queries,...
Discovered 9 hours ago
PoC for CVE-2026-7677
A cross-site scripting (XSS) vulnerability exists in the FastBee application from kerwincui affecting versions up to 1.2.1. The issue is found in the System Notice Handler, specifically in the 'Add' function of SysNoticeController.java. An attacker can manipulate the 'noticeContent' argument, ena...
PoC for CVE-2026-7676
A path traversal vulnerability was identified in the Tool Download Endpoint of kerwincui's FastBee, affecting versions up to 1.2.1. This flaw arises from the improper handling of the 'fileName' argument in the ToolController.download function. Attackers can exploit this vulnerability remotely to ...
Discovered 10 hours ago
PoC for CVE-2026-7675
A buffer overflow vulnerability has been identified in the Shenzhen Libituo Technology LBT-T300-HW1 router, specifically within the start_lan function of the /apply.cgi file. This issue arises when user-controlled input is mishandled, allowing remote attackers to manipulate the Channel/ApCliSsid ...
PoC for CVE-2024-53677
A security flaw in the file upload mechanism of Apache Struts could allow an attacker to exploit file upload parameters. This vulnerability enables path traversal, leading to the possibility of uploading a malicious file that can facilitate remote code execution. To mitigate risks, users should u...
Discovered 11 hours ago
PoC for CVE-2026-7673
A vulnerability in the crmeb_java product version up to 1.3.4 has been identified that allows for unrestricted file uploads through the Admin Upload component. Specifically, the issue resides in the UploadServiceImpl.java file, where manipulation of the model argument can lead to unauthorized fil...
Discovered 12 hours ago
PoC for CVE-2026-31431
A vulnerability has been identified in the Linux kernel's crypto subsystem, specifically within the algif_aead component. This issue arises from an unnecessary complexity in operating in-place, which has been reverted for improved security and performance. The change eliminates the need for in-pl...
PoC for CVE-2026-7671
The CodeWise Tornet Scooter Mobile App version 4.75 for both iOS and Android is exposed to a vulnerability that allows for improper restriction of excessive authentication attempts through an undisclosed function in the file /TwoFactor. This flaw enables attackers to potentially exploit the syste...
PoC for CVE-2026-31431
A vulnerability has been identified in the Linux kernel's crypto subsystem, specifically within the algif_aead component. This issue arises from an unnecessary complexity in operating in-place, which has been reverted for improved security and performance. The change eliminates the need for in-pl...
Discovered 13 hours ago
PoC for CVE-2026-7671
The CodeWise Tornet Scooter Mobile App version 4.75 for both iOS and Android is exposed to a vulnerability that allows for improper restriction of excessive authentication attempts through an undisclosed function in the file /TwoFactor. This flaw enables attackers to potentially exploit the syste...
PoC for CVE-2026-31431
A vulnerability has been identified in the Linux kernel's crypto subsystem, specifically within the algif_aead component. This issue arises from an unnecessary complexity in operating in-place, which has been reverted for improved security and performance. The change eliminates the need for in-pl...
Discovered 14 hours ago
PoC for CVE-2026-7670
A vulnerability exists in Jinher OA version 1.0, specifically within the file /C6/JHSoft.Web.PlanSummarize/UserSel.aspx. This flaw allows attackers to manipulate the DeptIDList argument, enabling SQL injection attacks that can be executed remotely. The exploit has been documented and potentially ...
PoC for CVE-2026-42167
The mod_sql module in ProFTPD prior to version 1.3.10rc1 contains a critical vulnerability that allows remote attackers to execute arbitrary code by sending specially crafted username requests. This occurs in scenarios where USER request logging is enabled with an expansion format like %U, combin...
Discovered 16 hours ago
PoC for CVE-2026-7668
An out-of-bounds read vulnerability has been identified in MikroTik RouterOS version 6.49.8, specifically within the ASN1_STRING_data function found in the library nova/lib/www/scep.p, which is part of the SCEP Endpoint component. This flaw arises from improper handling of the transactionID and m...
PoC for CVE-2026-31431
A vulnerability has been identified in the Linux kernel's crypto subsystem, specifically within the algif_aead component. This issue arises from an unnecessary complexity in operating in-place, which has been reverted for improved security and performance. The change eliminates the need for in-pl...
Discovered 17 hours ago
PoC for CVE-2026-31431
A vulnerability has been identified in the Linux kernel's crypto subsystem, specifically within the algif_aead component. This issue arises from an unnecessary complexity in operating in-place, which has been reverted for improved security and performance. The change eliminates the need for in-pl...
PoC for CVE-2026-31431
A vulnerability has been identified in the Linux kernel's crypto subsystem, specifically within the algif_aead component. This issue arises from an unnecessary complexity in operating in-place, which has been reverted for improved security and performance. The change eliminates the need for in-pl...
PoC for CVE-2026-41940
The affected versions of cPanel and WHM contain a serious authentication bypass flaw in the login flow. This vulnerability enables unauthenticated remote attackers to bypass authentication mechanisms, allowing them to gain unauthorized access to the control panel. Users of the specified versions ...
Discovered 19 hours ago
PoC for CVE-2026-42779
A vulnerability exists in Apache MINA's AbstractIoBuffer.resolveClass() method, where the check for allowed class names has not been properly enforced in specific version branches. This oversight permits arbitrary code execution when certain applications call IoBuffer.getObject(), making it criti...
PoC for CVE-2026-31431
A vulnerability has been identified in the Linux kernel's crypto subsystem, specifically within the algif_aead component. This issue arises from an unnecessary complexity in operating in-place, which has been reverted for improved security and performance. The change eliminates the need for in-pl...
Discovered 20 hours ago
PoC for CVE-2026-31431
A vulnerability has been identified in the Linux kernel's crypto subsystem, specifically within the algif_aead component. This issue arises from an unnecessary complexity in operating in-place, which has been reverted for improved security and performance. The change eliminates the need for in-pl...
PoC for CVE-2026-31431
A vulnerability has been identified in the Linux kernel's crypto subsystem, specifically within the algif_aead component. This issue arises from an unnecessary complexity in operating in-place, which has been reverted for improved security and performance. The change eliminates the need for in-pl...
PoC for CVE-2025-24367
An authenticated Cacti user can exploit vulnerabilities in the graph creation and graph template features to execute arbitrary PHP scripts within the web root of the application. This unauthorized script execution can lead to significant security breaches, allowing attackers to compromise the ser...
PoC for CVE-2026-33825
An access control flaw in Microsoft Defender permits an authorized attacker to elevate their privileges within the system. This vulnerability arises due to insufficient granularity in access controls, potentially enabling local exploitation of the affected product capabilities. Organizations need...
PoC for CVE-2026-31431
A vulnerability has been identified in the Linux kernel's crypto subsystem, specifically within the algif_aead component. This issue arises from an unnecessary complexity in operating in-place, which has been reverted for improved security and performance. The change eliminates the need for in-pl...
Discovered 21 hours ago
PoC for CVE-2026-7653
A security flaw exists in the MCP Interface of r-huijts mcp-server-rijksmuseum versions up to 1.0.4 due to improper handling of the imageUrl argument in the open_image_in_browser function. This vulnerability enables attackers to execute arbitrary operating system commands remotely, potentially co...
PoC for CVE-2026-7645
A path traversal vulnerability exists in the Ruvnet Sublinear-Time-Solver product, specifically within the MCP Interface. This issue arises from inadequate validation in the export_state function located in the src/consciousness-explorer/mcp/server.js file. Attackers can exploit this vulnerabilit...
PoC for CVE-2026-7644
A vulnerability has been identified in the NextChat product of ChatGPTNextWeb, specifically within the addMcpServer function found in app/mcp/actions.ts. This issue allows for improper authorization, which could potentially enable remote attackers to exploit the vulnerability for unauthorized acc...
PoC for CVE-2026-31431
A vulnerability has been identified in the Linux kernel's crypto subsystem, specifically within the algif_aead component. This issue arises from an unnecessary complexity in operating in-place, which has been reverted for improved security and performance. The change eliminates the need for in-pl...
PoC for CVE-2026-7643
A vulnerability identified in ChatGPTNextWeb's NextChat version 2.16.1 allows for a permissive CORS policy, placing users at risk for cross-domain attacks. The flaw resides in an unspecified function within the Next.js component of the API endpoint, which could be exploited to allow untrusted dom...
PoC for CVE-2026-31431
A vulnerability has been identified in the Linux kernel's crypto subsystem, specifically within the algif_aead component. This issue arises from an unnecessary complexity in operating in-place, which has been reverted for improved security and performance. The change eliminates the need for in-pl...
Discovered 22 hours ago
PoC for CVE-2026-7642
A vulnerability in the pskill9 website-downloader allows for OS command injection via the download_website function in the MCP Interface. By manipulating the outputPath argument, attackers can execute arbitrary commands on the server. This vulnerability can be exploited remotely and has been publ...
PoC for CVE-2026-7633
A file inclusion vulnerability exists in the Totolink N300RH model affecting version 6.1c.1353_B20190305. Specifically, the function setUploadSetting located in the /cgi-bin/cstecgi.cgi file allows for remote manipulation of the FileName argument. This flaw can be exploited to include unauthorize...
PoC for CVE-2026-7632
A vulnerability exists in Code-Projects' Online Hospital Management System, specifically in the /viewappointment.php file. This flaw allows an attacker to manipulate the 'delid' argument, leading to SQL injection vulnerabilities. The attack can be executed remotely, providing potential access to ...
Discovered 23 hours ago
PoC for CVE-2026-7631
The Online Hospital Management System version 1.0 by Code-Projects contains a vulnerability in the Registration Handler component. An unknown function within this component improperly manages authorization based on user input. Specifically, manipulation of the 'Username' argument allows unauthori...
PoC for CVE-2026-7630
A vulnerability has been identified in the InnoShop component from innocommerce, specifically in the InstallServiceProvider::boot function within the Installation Endpoint. This flaw allows improper authentication, potentially enabling remote exploitation. The issue has been made public, and user...