Publicly Disclosed
PoC Exploits

A vulnerability has been detected in the Online Food Ordering System 1.0 developed by code-projects. The issue resides in the file /dbfood/localhost.sql, where improper access controls allow for the potential manipulation of sensitive files and directories. This vulnerability can be exploited rem...

A security flaw has been identified in the Online Food Ordering System (version 1.0) developed by Code-Projects. This vulnerability involves an improper handling of user-supplied input within the /dbfood/food.php file, specifically targeting the argument 'cuisines'. This oversight allows for cros...

The GNU Inetutils telnet daemon (telnetd) is vulnerable to a remote authentication bypass that can occur when an attacker manipulates the USER environment variable by specifying a '-f root' value. This flaw allows unauthorized users to gain access without proper authentication. Affected users sho...

A vulnerability exists in the Online Food Ordering System 1.0 developed by Code-Projects, specifically within the /dbfood/contact.php file. This weakness allows for the exploitation of user-supplied input in the 'Name' parameter, enabling attackers to execute cross-site scripting (XSS) attacks re...

An elevation of privilege vulnerability in Microsoft Edge arises from improper enforcement of cross-domain policies. This flaw could allow an attacker to obtain sensitive information from one domain and inject it into another, potentially compromising users' security. If exploited through a malic...

Weblate, a web-based localization tool, has a security vulnerability in its SSH management console prior to version 5.16.0. The console does not correctly validate user input when adding SSH host keys, which can lead to an argument injection vulnerability, allowing potentially unauthorized action...

A security vulnerability in PyMySQL versions up to 1.1.0 exposes applications to SQL injection attacks when untrusted JSON input is utilized. This occurs because the keys within the input are not properly escaped by the escape_dict function, potentially allowing malicious users to manipulate SQL ...

River Past Audio Converter version 7.7.16 is susceptible to a local buffer overflow vulnerability that can be exploited by attackers. By entering an excessively long string into the 'E-Mail and Activation Code' field, an attacker can trigger a denial of service condition, causing the application ...

River Past CamDo version 3.7.6 is vulnerable to a structured exception handler buffer overflow. This vulnerability allows local attackers to execute arbitrary code by providing a specially crafted string in the Lame_enc.dll name field. By manipulating a 280-byte buffer with a non-sequential excep...

MyVideoConverter Pro version 3.14 suffers from a local buffer overflow vulnerability, which can be exploited by attackers to crash the application. By entering an excessively long string of up to 10,000 bytes into the 'Copy and Paste Registration Code' field, malicious users can trigger a denial ...

The vulnerability in PassFab RAR Password Recovery 9.3.2 is due to a structured exception handler (SEH) buffer overflow, which can be exploited by local attackers. By crafting a malicious payload that includes a buffer overflow, NSEH jump, and shellcode, attackers can manipulate the software duri...

The vulnerability in PassFab Excel Password Recovery 8.3.1 is attributed to a structured exception handling (SEH) buffer overflow, which can be exploited by local attackers. By inputting a specially crafted payload into the Licensed E-mail and Registration Code fields during the registration proc...

PDF Explorer version 1.5.66.2 is susceptible to an SEH overflow vulnerability that enables local attackers to execute arbitrary code. By exploiting this vulnerability, attackers can manipulate the structured exception handling records, allowing them to overwrite critical data. The attack involves...

AnyBurn version 4.3 is susceptible to a local buffer overflow vulnerability that can be triggered by an attacker providing an excessively long string in the 'Image file name' field. During the 'Copy disk to Image' operation, an attacker can input a 10000-byte payload, leading to a denial of servi...

Excel Password Recovery Professional version 8.2.0.0 is susceptible to a local buffer overflow vulnerability that can lead to denial of service. By inputting a maliciously crafted string of 5000 bytes or more into the 'E-Mail and Registrations Code' field, an attacker can trigger a crash of the a...

MegaPing is susceptible to a local buffer overflow vulnerability that can lead to a denial-of-service condition. When an attacker supplies a payload that exceeds the expected limits in the Destination Address List field during the Finger function, it can lead to a crash of the application. This f...

Nsauditor 3.0.28.0 is affected by a buffer overflow vulnerability due to inadequate handling of input in the DNS Lookup tool. This allows local attackers to execute arbitrary code by crafting a malicious payload that overwrites the structured exception handling (SEH) chain. By injecting shellcode...

Boxoft Wav-WMA Converter version 1.0 is susceptible to a local buffer overflow vulnerability within its structured exception handling routines. This flaw enables attackers to execute arbitrary code on affected Windows systems by crafting malicious WAV files. By supplying a specially formatted WAV...

Allok Video Splitter version 3.1.1217 has a buffer overflow vulnerability that can be exploited by local attackers. By inputting an oversized string (exceeding 780 bytes) into the License Name field during registration, an attacker can trigger the overflow when they click the Register button. Thi...

A cross-site scripting (XSS) vulnerability has been identified in the itsourcecode Payroll Management System versions up to 1.0. This security flaw resides in the /index.php file, where improper handling of the 'page' argument allows malicious actors to execute arbitrary scripts in the context of...

A vulnerability has been discovered in the itsourcecode Free Hotel Reservation System version 1.0, particularly in the file /admin/mod_amenities/index.php?view=editpic. This issue can be exploited by manipulating the argument ID, leading to SQL injection attacks. The vulnerability allows unauthor...

A vulnerability has been identified in the itsourcecode Free Hotel Reservation System version 1.0 that allows for unrestricted file uploads. This occurs due to improper handling of the file input in the script located at /admin/mod_amenities/index.php?view=add. An attacker can exploit this flaw r...

WebOfisi E-Ticaret 4.0 contains a SQL injection flaw in the 'urun' GET parameter, allowing unauthenticated attackers to execute malicious SQL queries. By manipulating the 'urun' parameter, attackers can perform various SQL injection techniques, including boolean-based blind, error-based, time-bas...

OpenBiz Cubi Lite version 3.0.8 contains a SQL injection flaw in its login form, permitting unauthenticated attackers to manipulate database queries via the username parameter. By sending crafted POST requests to /bin/controller.php with malicious SQL input in the username field, an attacker coul...

qdPM 9.1 contains a vulnerability that enables unauthenticated attackers to exploit the application through SQL injection. By manipulating the filter_by parameters in craftily designed POST requests directed at the timeReport endpoint, attackers can execute arbitrary SQL commands. This exploitati...

Online Quiz Maker 1.0 has been identified to contain SQL injection vulnerabilities specifically in the 'catid' and 'usern' parameters. These vulnerabilities allow authenticated attackers to execute arbitrary SQL commands by submitting specially crafted POST requests to the quiz-system.php or add-...

KomSeo Cart version 1.3 is susceptible to an SQL injection vulnerability that can be exploited by attackers. This flaw allows malicious actors to inject SQL commands via the 'my_item_search' parameter in the edit.php file. By sending carefully crafted POST requests, attackers can perform boolean-...

The ASP.NET jVideo Kit 1.0 is susceptible to an SQL injection flaw that enables unauthenticated attackers to execute arbitrary SQL commands by manipulating the 'query' parameter in the search functionality. This vulnerability allows attackers to send specially crafted SQL payloads via GET or POST...

Library CMS version 1.0 contains an SQL injection vulnerability that allows attackers to bypass authentication by sending specially crafted SQL queries through the username parameter in POST requests to the admin login endpoint. This flaw can be exploited through boolean-based blind SQL injection...

The Online Store System CMS version 1.0 includes a vulnerability that permits unauthenticated users to execute SQL injection attacks. By exploiting this flaw, attackers can inject malicious SQL code through the email parameter during client access actions. This is achieved by sending crafted POST...

The SAT CFDI 3.3 product is susceptible to an SQL injection vulnerability that occurs in its signIn endpoint. This vulnerability enables attackers to execute arbitrary SQL code via the 'id' parameter, allowing them to manipulate database queries. Through the exploitation of this vulnerability, at...

The School Management System CMS 1.0 is susceptible to an SQL injection vulnerability in its admin login interface. This flaw permits hackers to bypass authentication controls by injecting malicious SQL code through the username input. Using boolean-based blind SQL injection techniques, attackers...

Wecodex Restaurant CMS version 1.0 has a vulnerability that allows attackers to exploit SQL injection through the username parameter on the login page. By sending specially crafted POST requests, attackers may execute malicious SQL queries that can manipulate the underlying database. This vulnera...

Wecodex Hotel CMS 1.0 is susceptible to SQL injection via its admin login functionality, enabling unauthenticated attackers to execute SQL commands through the username parameter in POST requests. This weakness allows attackers to bypass authentication measures, potentially accessing sensitive da...

Shipping System CMS version 1.0 is susceptible to an SQL injection vulnerability that enables unauthenticated attackers to bypass normal authentication mechanisms. By exploiting the username parameter, attackers can inject carefully crafted SQL statements through boolean-based blind techniques vi...

A security vulnerability has been identified in the UTT HiPER 1250GW device, specifically within the function strcpy located in the /goform/formConfigDnsFilterGlobal file of the Parameter Handler component. This flaw allows an attacker to manipulate the GroupName argument, triggering a buffer ove...

A vulnerability has been discovered in the Wavlink WL-NU516U1 device, specifically affecting the function ftext located in the /cgi-bin/nas.cgi file. This issue arises due to improper handling of the Content-Length argument, leading to a stack-based buffer overflow. Attackers can exploit this vul...

A deserialization vulnerability has been identified in the wvp-GB28181-pro product by 648540858, specifically affecting the GenericFastJsonRedisSerializer function found in the RedisTemplateConfig.java file. This security flaw allows for remote exploitation, where an attacker can manipulate the A...

A security flaw has been identified in the code-projects Simple Laundry System version 1.0, specifically in the function managing `/checkregisitem.php`, which utilizes the Parameter Handler component. This vulnerability allows for SQL injection via manipulation of the argument Long-arm-shirtVol, ...

A cross-site scripting (XSS) vulnerability exists in the Code-Projects Simple Laundry System version 1.0, specifically within the '/modify.php' file's parameter handling functionality. An attacker could exploit this vulnerability by manipulating the 'firstName' argument, potentially allowing for ...

A cross-site scripting vulnerability exists in the Dameng100 MUUCMF web application, specifically within an unknown function of the /admin/extend/list.html file. By manipulating the 'Name' argument, attackers can execute malicious scripts remotely, which can compromise user sessions and data inte...

A vulnerability has been identified in Dameng100's Muucmf version 1.9.5.20260309, specifically within an unspecified function in the file /admin/config/list.html. This issue allows attackers to manipulate the 'Name' argument, leading to a cross-site scripting (XSS) attack that can be executed rem...

The WP Lightbox 2 plugin for WordPress prior to version 3.0.7 fails to properly sanitize and escape various settings. This oversight could potentially allow users with elevated privileges, such as administrators, to execute stored cross-site scripting (XSS) attacks, even in environments where the...

The LeadConnector WordPress plugin prior to version 3.0.22 contains a security vulnerability that allows unauthenticated users to access a REST route, enabling them to overwrite existing data. This oversight in authorization can lead to unauthorized data manipulation, posing a significant risk to...

The Responsive Plus plugin for WordPress prior to version 3.4.3 contains a vulnerability that allows unauthenticated users to execute arbitrary shortcodes. This occurs through the update_responsive_woo_free_shipping_left_shortcode AJAX action, which fails to validate the content_rech_data paramet...

The Shared Files plugin for WordPress, prior to version 1.7.58, contains a path traversal vulnerability that permits users with a low-level role, such as Contributor, to download sensitive files from the web server. This issue can lead to unauthorized exposure of critical files, including the wp-...

A vulnerability has been identified in Dameng100 Muucmf version 1.9.5.20260309, located within the autoReply.html file in the channel/admin.Account directory. Manipulating the argument keyword can lead to cross-site scripting (XSS), allowing attackers to inject malicious scripts into web pages vi...

A vulnerability has been identified in dameng100 muucmf version 1.9.5.20260309 affecting the /admin/Member/index.html file. This security flaw allows attackers to execute arbitrary JavaScript in the context of the affected web application, potentially compromising sensitive data or performing act...

A SQL injection vulnerability has been identified in the Online Food Ordering System version 1.0, specifically in the Admin Login Module located at /admin.php. This flaw arises from improper handling of user input, allowing attackers to manipulate the Username argument to execute unauthorized SQL...

The itsourcecode Online Enrollment System version 1.0 is vulnerable to a SQL injection flaw in the parameter handling of the 'grades' component. Specifically, an attacker can exploit the 'deptid' argument via a crafted request to the /sms/grades/index.php?view=edit&id=1 endpoint. This exploitatio...