Publicly Disclosed
PoC Exploits

The NS Maintenance Mode plugin for WordPress prior to version 1.3.1 has a vulnerability that stems from improper sanitization and escaping of certain settings. This flaw could potentially allow high-privilege users, like administrators, to execute stored cross-site scripting attacks, even when th...

Windows Kernel Information Disclosure Vulnerability

The D-Link DNS-343 ShareCenter devices harbor a command injection weakness in the Mail Test feature, allowing attackers to exploit the web maintenance script. By sending specially crafted form data to the '/goform/Mail_Test' endpoint without proper input sanitization, an unauthenticated remote in...

The D-Link DNS-343 ShareCenter devices harbor a command injection weakness in the Mail Test feature, allowing attackers to exploit the web maintenance script. By sending specially crafted form data to the '/goform/Mail_Test' endpoint without proper input sanitization, an unauthenticated remote in...

The D-Link DNS-343 ShareCenter devices harbor a command injection weakness in the Mail Test feature, allowing attackers to exploit the web maintenance script. By sending specially crafted form data to the '/goform/Mail_Test' endpoint without proper input sanitization, an unauthenticated remote in...

The vulnerability in Windows Server Update Service arises from the deserialization of untrusted data, which could allow an unauthorized attacker to execute arbitrary code over a network. This flaw demonstrates the importance of secure coding practices to prevent untrusted input from being process...

A flaw exists in the OpenShift Container Platform due to the improper handling of elevated privileges during the build process. Specifically, the git-clone container operates with a privileged security context during the build initialization phase, granting unrestricted access to the underlying n...

A vulnerability has been identified in Needrestart, the tool developed by Qualys, which prior to version 3.8, can be exploited by local attackers. This flaw allows attackers to execute arbitrary code with root privileges by manipulating the PYTHONPATH environment variable when Needrestart runs th...

An issue has been identified in the Redis open-source database that impacts all versions with Lua scripting enabled. Authenticated users can exploit this vulnerability by executing specially crafted Lua scripts that manipulate the garbage collector. This can result in a use-after-free situation, ...

The Doppler Forms WordPress plugin prior to version 2.5.1 contains an improper authentication vulnerability. This security issue arises from the plugin's failure to verify user capabilities when registering an AJAX action called install_extension. Consequently, any authenticated user, even those ...

The vulnerability in Windows Server Update Service arises from the deserialization of untrusted data, which could allow an unauthorized attacker to execute arbitrary code over a network. This flaw demonstrates the importance of secure coding practices to prevent untrusted input from being process...

A relative path traversal vulnerability has been identified in Apache Tomcat that allows attackers to manipulate the request URI, potentially bypassing security constraints affecting sensitive directories such as /WEB-INF/ and /META-INF/. This issue arises from a regression caused by the fix for ...

Certain DVR devices, including the TBK DVR4104 and DVR4216 models, as well as various rebranded variants, are susceptible to a remote authentication bypass. By manipulating the 'Cookie: uid=admin' header, attackers can access sensitive functionalities without proper authentication. This vulnerabi...

It was found that the fix for CVE-2021-41773 in Apache HTTP Server 2.4.50 was insufficient. An attacker could use a path traversal attack to map URLs to files outside the directories configured by Alias-like directives. If files outside of these directories are not protected by the usual default ...

Apache Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1) JNDI features used in configuration, log messages, and parameters do not protect against attacker controlled LDAP and other JNDI related endpoints. An attacker who can control log messages or log messag...

The vulnerability in Windows Server Update Service arises from the deserialization of untrusted data, which could allow an unauthorized attacker to execute arbitrary code over a network. This flaw demonstrates the importance of secure coding practices to prevent untrusted input from being process...

CVE-2023-26360 is a critical vulnerability affecting Adobe ColdFusion 2018 Update 15 and earlier, as well as ColdFusion 2021 Update 5 and earlier. This improper access control vulnerability can be exploited remotely by unauthenticated attackers to achieve arbitrary code execution without user int...

Prior to version 0.49.1, the Starlette framework, designed for ASGI applications, suffers from a denial of service vulnerability. An unauthenticated attacker can exploit this issue by sending a specially crafted HTTP Range header. This triggers inefficient quadratic-time processing within the Fil...

A security flaw has been identified in the Simple Food Ordering System version 1.0, specifically within the processing of the file /addproduct.php. This vulnerability allows for unrestricted file uploads by manipulating the 'photo' argument, which may be exploited by attackers remotely. The explo...

A security vulnerability in Oracle's Concurrent Processing component of the E-Business Suite could allow an unauthenticated attacker to gain unauthorized access through HTTP. The affected software versions range from 12.2.3 to 12.2.14. Successful exploitation may lead to complete control over the...

The vulnerability in Windows Server Update Service arises from the deserialization of untrusted data, which could allow an unauthorized attacker to execute arbitrary code over a network. This flaw demonstrates the importance of secure coding practices to prevent untrusted input from being process...

A vulnerability has been identified in MaxSite CMS versions up to 109 that allows an attacker to execute remote exploitation through the file application/maxsite/admin/plugins/editor_files/save-file-ajax.php. By manipulating the file_path/content argument, an attacker can perform unrestricted fil...

A severe vulnerability in MaxSite CMS versions up to 109 allows attackers to exploit the HTTP Header Handler component through manipulation of the X-Requested-FileName and X-Requested-FileUpDir parameters. This flaw enables unauthorized file uploads, resulting in arbitrary remote file execution a...

A vulnerability in Yonyou U8 Cloud enables attackers to exploit an unknown function within the /service/NCloudGatewayServlet component, allowing for unrestricted file uploads through manipulation of the 'ts/sign' argument. This flaw can be exploited remotely and poses a significant risk. Despite ...

The Samba vfs_fruit module introduces a vulnerability that allows for out-of-bounds heap read and write operations, stemming from the use of extended file attributes (EAs). This issue can be exploited by a remote attacker who has write access to these attributes, enabling arbitrary code execution...

A security flaw has been identified in the Login component of Serdar Bayram's Ghost Hot Spot, specifically within an unknown function of the /Auth.php file. This vulnerability enables attackers to perform SQL injection attacks, which can potentially be exploited remotely. Although the vendor was ...

A significant vulnerability exists in ExifTool versions 7.44 and later, where the improper handling of user data within the DjVu file format enables arbitrary code execution. This can occur when malicious images crafted to exploit this flaw are parsed, potentially allowing attackers to execute ha...

A vulnerability has been identified in Campcodes Retro Basketball Shoes Online Store version 1.0, specifically within the file /admin/admin_football.php. This vulnerability allows for SQL injection attacks through the manipulation of the 'pid' argument, which enables unauthorized access to the da...

A vulnerability has been discovered in the Campcodes Retro Basketball Shoes Online Store version 1.0, located in the file /admin/admin_product.ph. An attacker can exploit this weakness by manipulating the 'pid' argument, leading to SQL injection, which allows for unauthorized database access or d...

A critical security flaw has been identified in the Campcodes Retro Basketball Shoes Online Store version 1.0, specifically affecting the /admin/admin_feature.php file. This vulnerability allows an attacker to manipulate the 'pid' argument, leading to unauthorized SQL query execution. The exploit...

A SQL injection vulnerability exists in the Campcodes Retro Basketball Shoes Online Store version 1.0, specifically within the admin_index.php file. Attackers can exploit this vulnerability by manipulating the Username argument, allowing remote execution of unauthorized SQL commands. This manipul...

A cross site scripting vulnerability exists in the E-Commerce Website 1.0 developed by Code-Projects. The flaw is located in the /pages/supplier_update.php file, where improper handling of user-supplied input for 'supp_name' and 'supp_address' can be exploited to execute arbitrary scripts in the ...

A vulnerability has been identified in the SourceCodester Student Grades Management System version 1.0, particularly affecting the delete_user function located in /admin.php. This flaw allows remote attackers to exploit cross site scripting (XSS) by manipulating input. If successfully executed, t...

A cross-site scripting vulnerability has been identified in the code-projects E-Commerce Website version 1.0. The issue originates from improper handling of user input in the file /pages/product_add.php, specifically in the arguments prod_name, prod_desc, and prod_cost. This flaw allows attackers...

A security issue has been identified in Code-Projects E-Commerce Website version 1.0, specifically affecting the /pages/supplier_add.php file. This vulnerability allows for cross site scripting (XSS) via manipulated parameters such as supp_name and supp_address. Attackers can perform remote explo...

A vulnerability has been discovered in Willow CMS versions up to 1.4.0, specifically affecting the file /admin/images/add. This weakness allows malefactors to perform unrestricted file uploads, leading to potential unauthorized access and manipulation of server environments. The vulnerability can...

A security vulnerability has been identified in Willow CMS versions up to 1.4.0, specifically within the Add Post Page component. The flaw exists due to inadequate validation of user-supplied input in the title and body fields. A remote attacker can exploit this issue to inject malicious scripts,...

A vulnerability has been identified in the Android Framework that allows for potential exposure of sensitive information displayed on the screen. This may occur without the need for user interaction or elevated execution privileges, resulting in local information disclosure risks. The issue arise...

A security flaw has been identified in the SourceCodester Best Salon Management System, specifically within the /panel/forgot-password.php file. This vulnerability allows attackers to manipulate the email parameter, leading to SQL injection exploits. The nature of the vulnerability permits remote...

A buffer overflow vulnerability has been identified in the Tenda CH22 router version 1.0.0.1, particularly within the fromNatStaticSetting function located in the /goform/NatStaticSetting file. This vulnerability allows an attacker to manipulate the argument page, potentially leading to a remote ...

A security flaw has been discovered in the Code-Projects Courier Management System, specifically in the edit-courier.php file. This vulnerability arises from improper handling of the OfficeName parameter, allowing attackers to execute SQL injection attacks remotely. The exploit is publicly access...

A SQL injection vulnerability exists in the Food Ordering System version 1.0 by Code-Projects, notably within the /admin/menu.php file. This flaw allows an attacker to manipulate the 'itemPrice' argument, leading to unauthorized database queries. The exploit's public disclosure raises concerns ab...

A vulnerability exists in the Food Ordering System version 1.0 where an unknown function in the /admin/deleteitem.php file is susceptible to SQL injection through improper handling of the itemID argument. This flaw allows remote attackers to execute malicious SQL queries, potentially compromising...

A command injection vulnerability exists in the D-Link DI-7001 MINI router, specifically within an undocumented function in the /msp_info.htm file. This flaw allows attackers to manipulate the cmd argument, enabling unauthorized remote command execution. The vulnerability has been publicly disclo...

A security flaw has been identified in the PHPGurukul Curfew e-Pass Management System, specifically within the view-pass-detail.php file. This vulnerability arises from inadequate validation of user input, allowing attackers to manipulate query parameters linked to Fullname/Category. Consequently...

A vulnerability exists in the PHPGurukul Curfew e-Pass Management System version 1.0, stemming from improper processing in the file edit-category-detail.php. This flaw allows an attacker to manipulate the 'catname' argument, resulting in cross-site scripting (XSS) vulnerabilities. The issue can b...

The vulnerability in Windows Server Update Service arises from the deserialization of untrusted data, which could allow an unauthorized attacker to execute arbitrary code over a network. This flaw demonstrates the importance of secure coding practices to prevent untrusted input from being process...

A significant security vulnerability has been detected within the Nero Social Networking Site 1.0, specifically in the /friendprofile.php file. This weakness arises from improper handling of the ID argument, allowing attackers to execute SQL injection attacks. Such vulnerabilities can be exploite...

A security flaw has been identified in the Nero Social Networking Site version 1.0, specifically in the functionality associated with the file /deletemessage.php. An attacker can manipulate the 'message_id' argument, leading to an SQL injection vulnerability that can be exploited remotely. This e...

A security vulnerability has been discovered in the Nero Social Networking Site version 1.0 that affects the functionality of the /addfriend.php file. By manipulating the 'ID' parameter, an attacker can perform SQL injection attacks. This vulnerability allows unauthorized access to the database, ...