Publicly Disclosed
PoC Exploits
🔴 Always take caution when working with PoC Exploits 🔴
Discovered just now...
PoC for CVE-2025-49132
Pterodactyl, a widely used free and open-source game server management panel, has a significant vulnerability that allows unauthorized remote code execution. This occurs through the /locales/locale.json endpoint when specific query parameters are manipulated. Attackers exploiting this flaw can ex...
Discovered 3 hours ago
PoC for CVE-2026-2169
A command injection vulnerability exists in the D-Link DWR-M921 router version 1.1.50. This flaw affects a specific function within the file /boafrm/formLtefotaUpgradeFibocom, allowing an attacker to manipulate the 'fota_url' argument. Exploiting this vulnerability enables unauthorized users to e...
PoC for CVE-2026-2168
A command injection flaw exists in the D-Link DWR-M921 router, specifically within the sub_419920 function found in the /boafrm/formLtefotaUpgradeQuectel file. This vulnerability allows attackers to manipulate the fota_url argument, enabling remote execution of arbitrary commands. Given that an e...
PoC for CVE-2026-2167
An OS command injection vulnerability has been identified in the Totolink WA300 router, specifically within the setAPNetwork function located in /cgi-bin/cstecgi.cgi. This flaw allows an attacker to manipulate the Ipaddr argument, leading to the execution of arbitrary operating system commands. T...
PoC for CVE-2026-2166
A critical security flaw exists in the Online Reviewer System 1.0 developed by Code-Projects, related to SQL injection vulnerabilities within the login functionality found in the /login/index.php file. Malicious actors can manipulate the username and password fields to execute arbitrary SQL comma...
Discovered 4 hours ago
PoC for CVE-2026-2165
A vulnerability has been detected in Detronetdip E-commerce 1.0.0, specifically within the account creation endpoint located at /Admin/assets/backend/seller/add_seller.php. This issue arises when the email argument is improperly handled, resulting in missing authentication protections. This flaw ...
PoC for CVE-2026-2164
A security flaw has been identified in detronetdip E-commerce version 1.0.0, specifically affecting the processing of the /seller/assets/backend/profile/addadhar.php file. This vulnerability enables attackers to exploit argument manipulation in the File parameter, leading to an unrestricted file ...
PoC for CVE-2026-2163
A command injection vulnerability exists in the D-Link DIR-600 router affecting versions up to 2.15WWb02. This flaw is found in the ssdp.cgi file, where improper handling of arguments such as HTTP_ST, REMOTE_ADDR, REMOTE_PORT, and SERVER_ID can allow an attacker to execute arbitrary commands remo...
PoC for CVE-2026-2162
A vulnerability exists in the itsourcecode News Portal Project 1.0 within the /admin/aboutus.php file. This weakness arises from improper handling of the 'pagetitle' argument, leading to a potential SQL injection attack. Remote attackers can exploit this vulnerability to manipulate queries execut...
PoC for CVE-2026-2161
A security flaw exists in the itsourcecode Directory Management System version 1.0, specifically in the /admin/forget-password.php file. This vulnerability allows an attacker to exploit the email parameter, leading to SQL injection attacks. Given that the vulnerability can be triggered remotely, ...
Discovered 5 hours ago
PoC for CVE-2026-2160
A vulnerability exists in the SourceCodester Simple Responsive Tourism Website version 1.0, specifically affecting the save_package function located in /tourism/classes/Master.php. This vulnerability enables an attacker to exploit the argument 'Title' to execute arbitrary scripts in the context o...
PoC for CVE-2026-2159
A vulnerability has been identified in the SourceCodester Simple Responsive Tourism Website 1.0 affecting an unknown function in the Master.php file associated with the registration component. By manipulating the arguments such as firstname, lastname, or username, an attacker can execute cross si...
PoC for CVE-2026-2157
A security vulnerability has been identified in the D-Link DIR-823X 250416, specifically within the sub_4175CC function in the file /goform/set_static_route_table. This vulnerability allows for OS command injection when manipulating parameters such as interface, destip, netmask, gateway, and metr...
Discovered 6 hours ago
PoC for CVE-2026-2156
A vulnerability exists within the Online Student Management System 1.0, specifically in the Announcement Management Module's handling of user input. The affected file, located at /admin/announcement/index.php?view=add, is susceptible to cross-site scripting attacks. Attackers can exploit this vul...
PoC for CVE-2026-2155
A security flaw has been identified in the D-Link DIR-823X router, specifically within the sub_4208A0 function of the Configuration Handler component. This vulnerability allows remote attackers to manipulate the 'dmz_host' and 'dmz_enable' parameters, leading to potential OS command injection. Th...
Discovered 7 hours ago
PoC for CVE-2026-2153
A security flaw has been identified in the mwielgoszewski Doorman application, specifically in the is_safe_url function located in doorman/users/views.py. This vulnerability allows attackers to manipulate the Next argument, leading to potential open redirect attacks. Such exploits can be executed...
Discovered 8 hours ago
PoC for CVE-2026-2152
A vulnerability exists in the D-Link DIR-615 router, specifically within the Web Configuration Interface's adv_routing.php file. This flaw allows for OS command injection due to improper handling of inputs related to dest_ip, submask, and gw arguments. Remote attackers can exploit this weakness t...
PoC for CVE-2026-2151
A vulnerability exists in the D-Link DIR-615 router, specifically in the DMZ Host Feature's adv_firewall.php file, which can be exploited to perform OS command injection. By manipulating the dmz_ipaddr argument, an attacker can execute arbitrary OS commands remotely. This vulnerability primarily ...
Discovered 9 hours ago
PoC for CVE-2026-2150
A vulnerability exists in the SourceCodester Patients Waiting Area Queue Management System 1.0 that allows attackers to exploit the file /checkin.php. This flaw enables the manipulation of the 'patient_id' argument, resulting in cross-site scripting (XSS). The attack can be executed remotely, pot...
PoC for CVE-2026-2149
An XSS vulnerability was identified in the Patrick Mvuma Patients Waiting Area Queue Management System version 1.0, specifically within the appointments.php file. The issue stems from insufficient validation of the 'patient_id' parameter, allowing remote attackers to craft malicious inputs that e...
Discovered 10 hours ago
PoC for CVE-2026-2148
A security vulnerability has been identified in the Tenda AC21, specifically within the web management interface at the /cgi-bin/DownloadFlash endpoint. This vulnerability allows unauthorized access to sensitive information due to improper handling of requests. An attacker could potentially explo...
PoC for CVE-2026-2147
A vulnerability has been detected in the Tenda AC21 Web Management Interface, specifically within the /cgi-bin/DownloadLog function. This weakness allows an attacker to perform remote manipulations that can lead to unauthorized information disclosure. The exploit method has been publicly disclose...
Discovered 11 hours ago
PoC for CVE-2026-2146
A security vulnerability has been identified in the Guchengwuyue Yshopmall application, specifically affecting versions up to 1.9.1. The flaw is present within the updateAvatar function located in the file /api/users/updateAvatar, related to co.yixiang.utils.FileUtil. This vulnerability allows an...
PoC for CVE-2026-2145
A critical flaw was discovered in the cym1102 nginxWebUI prior to version 4.3.7, where an unknown function within the Web Management Interface's configuration file allows attackers to inject malicious scripts. This vulnerability can be exploited remotely by manipulating the 'nginxDir' argument, l...
Discovered 12 hours ago
PoC for CVE-2026-2143
A security vulnerability exists in the D-Link DIR-823X 250416 router, specifically in the DDNS Service component. The vulnerability arises from improper handling of user inputs within the /goform/set_ddns file, leading to potential OS command injection. This flaw can be exploited remotely, allowi...
PoC for CVE-2026-0770
A vulnerability exists in Langflow that allows remote attackers to execute arbitrary code without authentication. The flaw is rooted in the improper handling of the exec_globals parameter at the validate endpoint, resulting in the dynamic inclusion of resources from untrusted sources. Attackers c...
PoC for CVE-2026-2142
A vulnerability exists in the D-Link DIR-823X, specifically affecting the set_qos function. This flaw enables remote attackers to execute arbitrary OS commands, potentially compromising the device's integrity. The exploit has been publicly disclosed, raising concerns amongst users regarding the s...
Discovered 13 hours ago
PoC for CVE-2026-2141
A security flaw in WukongCRM versions up to 11.3.3 has been identified, specifically within the URL Handler component located at gateway/src/main/java/com/kakarote/gateway/service/impl/PermissionServiceImpl.java. This vulnerability permits improper authorization, allowing an attacker to exploit t...
PoC for CVE-2026-2140
A vulnerability exists in the Tenda TX9 routers, specifically in the setMacFilterCfg function located at /goform/setMacFilterCfg. An issue arises when the deviceList argument is manipulated, leading to a buffer overflow. This vulnerability can be exploited remotely, allowing potential attackers t...
Discovered 14 hours ago
PoC for CVE-2026-2139
A buffer overflow vulnerability exists in the Tenda TX9 device, specifically in the function responsible for configuring Wi-Fi settings. This flaw is triggered when an attacker manipulates the 'ssid' parameter in the '/goform/fast_setting_wifi_set' file. The vulnerability allows for potential rem...
PoC for CVE-2026-2138
A buffer overflow vulnerability exists in the Tenda TX9 router, specifically in the sub_42D03C function located in the /goform/SetStaticRouteCfg file. This critical flaw allows attackers to manipulate the argument list to execute arbitrary code remotely. As the exploit has been publicly disclosed...
PoC for CVE-2024-23296
The articles discuss two iOS zero-day vulnerabilities, CVE-2024-23225 and CVE-2024-23296, that affect a range of iPhone and iPad models. Both vulnerabilities allow attackers to bypass kernel memory protections and may lead to arbitrary code execution. Apple released patches in March and backporte...
Discovered 15 hours ago
PoC for CVE-2026-2137
A buffer overflow vulnerability exists in the Tenda TX3 routers, specifically in the SetIpMacBind function. This vulnerability allows for manipulation of input parameters, which could lead to an overflow condition, potentially allowing remote attackers to execute arbitrary code on the device. The...
PoC for CVE-2026-2136
A vulnerability exists in projectworlds Online Food Ordering System 1.0 that allows remote attackers to exploit an identified function in the view-ticket.php file. By manipulating the 'ID' argument, attackers can execute unauthorized SQL queries, potentially compromising the application's databas...
Discovered 16 hours ago
PoC for CVE-2026-2135
A command injection vulnerability exists in the UTT HiPER 810 device version 1.7.4-141218, specifically within the function sub_43F020 located in the /goform/formPdbUpConfig file. By manipulating the argument policyNames, an attacker can execute arbitrary commands remotely. This vulnerability has...
PoC for CVE-2026-2134
A security vulnerability has been identified in the PHPGurukul Hospital Management System 4.0, specifically in the /hms/admin/manage-doctors.php file. The vulnerability allows for SQL injection via manipulation of the 'ID' argument, making it possible for attackers to execute arbitrary SQL querie...
Discovered 17 hours ago
PoC for CVE-2026-2133
A vulnerability has been identified in the Code-Projects Online Music Site version 1.0, specifically within the AdminUpdateCategory.php file located in the Administrator/PHP directory. This vulnerability allows remote attackers to manipulate the txtimage argument to perform unrestricted file uplo...
PoC for CVE-2026-2132
A SQL injection vulnerability has been identified in the Online Music Site 1.0 developed by Code-Projects. This flaw resides in the /Administrator/PHP/AdminUpdateCategory.php file, allowing attackers to manipulate the txtcat argument, potentially leading to unauthorized database access. The explo...
Discovered 18 hours ago
PoC for CVE-2026-2131
A security flaw has been detected in the input_text function of XixianLiang's HarmonyOS-mcp-server version 0.1.0. This vulnerability allows attackers to manipulate the text argument, leading to potential OS command injection. The exploit is publicly available, making it essential for users to add...
Discovered 19 hours ago
PoC for CVE-2026-2129
A security issue has been identified in the D-Link DIR-823X router, specifically within the functionality of the /goform/set_ac_status file. This vulnerability allows an attacker to perform an OS command injection by manipulating certain arguments, which can be exploited remotely. The potential f...
PoC for CVE-2026-2122
A vulnerability has been identified in Xiaopi Panel's WAF Firewall versions up to 20260126, where improper handling of input parameters in the /demo.php file allows for SQL injection attacks. This security flaw could be exploited remotely, potentially giving an attacker unauthorized access to the...
Discovered 20 hours ago
PoC for CVE-2026-2120
A vulnerability exists in the D-Link DIR-823X router that allows remote attackers to exploit the /goform/set_server_settings functionality. By manipulating parameters such as terminal_addr, server_ip, and server_port, an attacker can perform OS command injection. This security flaw enables unauth...
Discovered 21 hours ago
PoC for CVE-2026-2117
A vulnerability exists in the itsourcecode Society Management System 1.0, specifically within an unknown function in the /admin/edit_activity.php file. This vulnerability allows an attacker to perform SQL injection through manipulation of the activity_id argument. Remote exploitation is possible,...
PoC for CVE-2026-2116
A SQL injection vulnerability exists in the itsourcecode Society Management System 1.0, specifically within the /admin/edit_expenses.php file. By manipulating the expenses_id argument, attackers can execute unauthorized SQL commands. This vulnerability allows for remote exploitation, posing a sig...
Discovered 22 hours ago
PoC for CVE-2026-2115
A vulnerability has been identified in the itsourcecode Society Management System 1.0, located within the admin/delete_expenses.php file. This issue arises from improper handling of incoming data, specifically the expenses_id parameter, which results in SQL injection. Attackers can exploit this f...
PoC for CVE-2026-2114
A security flaw has been discovered in the itsourcecode Society Management System version 1.0, specifically within the file /admin/edit_admin.php. This vulnerability allows an attacker to manipulate the admin_id parameter, leading to a SQL injection attack. As a result, unauthorized access to sen...
PoC for CVE-2026-25857
The Tenda G300-F router's firmware vulnerabilities relate to the WAN diagnostic functionality, specifically in the formSetWanDiag process. This vulnerability allows remote attackers, with access to the management interface, to inject arbitrary shell commands through inadequate input validation in...
Discovered 23 hours ago
PoC for CVE-2025-15564
A local vulnerability has been identified in Mapnik versions up to 4.2.0, specifically in the function mapnik::detail::mod<...>::operator located in src/value.cpp. This issue allows for a divide by zero manipulation, which could potentially be exploited. The vulnerability has been publicly disclo...
PoC for CVE-2024-0070
A vulnerability exists in a WordPress plugin that may allow unauthorized access or manipulation of sensitive data due to inadequate security measures. Users of this plugin should be aware of potential risks and review their configurations to ensure proper security protocols are in place.
PoC for CVE-2026-2113
A security vulnerability has been identified in the WebUploader component of Yuan1994's Tpadmin software. Found in the file /public/static/admin/lib/webuploader/0.1.5/server/preview.php, this flaw enables deserialization of untrusted data. Attackers can exploit this vulnerability remotely, puttin...