Publicly Disclosed PoC Exploits

🔴 Always take caution when working with PoC Exploits 🔴

Discovered 6 hours ago

PoC for CVE-2025-15396

WordPress | Library Viewer
Reflected Cross-Site Scripting Vulnerability in Library Viewer Word...

The Library Viewer plugin for WordPress prior to version 3.2.0 is susceptible to a vulnerability that allows attackers to inject malicious scripts through unsanitized parameters. This flaw could be exploited to execute scripts in the context of high privilege users, including administrators, posi...

PoC for CVE-2025-15030

WordPress | User Profile Builder
User Profile Builder Plugin Vulnerability in WordPress

The User Profile Builder plugin for WordPress lacks a secure password reset process, which permits unauthorized users to reset passwords of any account by simply knowing the username. This leads to the potential compromise of user accounts, including those with administrative privileges, thereby ...

Discovered 10 hours ago

PoC for CVE-2026-21509

Microsoft | Microsoft Office 2019 | 7.8 HIGH
Security Feature Bypass in Microsoft Office

A vulnerability exists in Microsoft Office that allows attackers to manipulate untrusted inputs, enabling them to bypass critical security measures locally. This flaw can expose systems to unauthorized actions, compromising the integrity of sensitive data. It is crucial for users to apply the lat...

PoC for CVE-2025-55130

Nodejs | Node | 7.1 HIGH
Node.js Permissions Model Vulnerability in Multiple Versions

A vulnerability in the Node.js permissions model allows attackers to bypass file system read and write restrictions. By leveraging crafted relative symlink paths, an attacker can manipulate directory structures and escape the intended restrictions. This flaw permits unauthorized access to sensiti...

Discovered 13 hours ago

PoC for CVE-2026-1734

Zhong Bang | Crmeb | 6.9 MEDIUM
Authorization Flaw in Zhong Bang CRMEB Affects Remote Access

A vulnerability in Zhong Bang's CRMEB up to version 5.6.3 allows remote attackers to exploit missing authorization in the crontab endpoint (CrontabController.php). This security flaw exposes unknown code within the application, potentially leading to unauthorized access. The issue has been public...

PoC for CVE-2026-1733

Zhong Bang | Crmeb | 5.3 MEDIUM
Improper Authorization in Zhong Bang CRMEB Affects Remote Order Pro...

Zhong Bang CRMEB, up to version 5.6.3, contains a vulnerability affecting order processing due to improper authorization in the /api/store_integral/order/detail/:uni function. This weakness allows attackers to manipulate the order_id parameter, potentially gaining unauthorized access to sensitive...

Discovered 16 hours ago

PoC for CVE-2025-43529

Apple | iOS And iPad OS | 8.8 HIGH
Use-After-Free Vulnerability in Apple iOS and macOS Products

A significant use-after-free vulnerability has been identified in Apple’s iOS and macOS products, impacting versions prior to the latest updates. This flaw arises due to improper memory management, allowing maliciously crafted web content to trigger arbitrary code execution. Apple has acknowledge...

Discovered 17 hours ago

PoC for CVE-2025-2304

Owen2345 | Camaleon-cms | 9.4 CRITICAL
Privilege Escalation Flaw in Camaleon CMS

A critical issue in Camaleon CMS's UsersController, specifically in the 'updated_ajax' method, enables privilege escalation due to the improper handling of parameters. The vulnerability arises from the use of the permit! method, which fails to filter input, allowing all parameters to be processed...

Discovered 19 hours ago

PoC for CVE-2025-2304

Owen2345 | Camaleon-cms | 9.4 CRITICAL
Privilege Escalation Flaw in Camaleon CMS

A critical issue in Camaleon CMS's UsersController, specifically in the 'updated_ajax' method, enables privilege escalation due to the improper handling of parameters. The vulnerability arises from the use of the permit! method, which fails to filter input, allowing all parameters to be processed...

Discovered 21 hours ago

PoC for CVE-2020-37064

Epson | Epson Easymp Network P... | 8.5 HIGH
Unquoted Service Path Vulnerability in EPSON EasyMP Network Project...

EPSON EasyMP Network Projection version 2.81 contains an unquoted service path vulnerability in the EMP_NSWLSV service. This flaw allows local users to potentially execute arbitrary code by exploiting the unquoted path in 'C:\Program Files (x86)\EPSON Projector\EasyMP Network Projection V2\'. Att...

PoC for CVE-2020-37063

Weird-solutions | Tftp Turbo | 8.5 HIGH
Unquoted Service Path Vulnerability in TFTP Turbo by Weird Solutions

TFTP Turbo 4.6.1273 has a security flaw due to an unquoted service path that can be exploited by local attackers. This vulnerability could allow them to execute arbitrary code with elevated privileges. By manipulating the unquoted path in the service configuration, attackers may inject malicious ...

PoC for CVE-2020-37062

Weird Solutions | Dhcp Turbo | 8.5 HIGH
Unquoted Service Path Vulnerability in DHCP Turbo by Weird Solutions

DHCP Turbo version 4.61298 has an unquoted service path vulnerability that can be exploited by local attackers. By placing malicious executables in the service binary path, an attacker can gain elevated privileges when the service starts. This flaw allows the potential execution of arbitrary code...

PoC for CVE-2020-37055

Enigmasoftware | Spyhunter | 8.5 HIGH
Unquoted Service Path Vulnerability in SpyHunter 4 by Enigma Software

SpyHunter 4 contains an unquoted service path vulnerability that enables local users to execute arbitrary code with elevated privileges. This security flaw arises when malicious executables are placed in specific locations within the file system, allowing an attacker to gain higher access levels ...

PoC for CVE-2020-37048

Iskysoft | Iskysoft Application F... | 8.5 HIGH
Unquoted Service Path Vulnerability in Iskysoft Application Framework

The Iskysoft Application Framework Service version 2.4.3.241 presents an unquoted service path vulnerability, which allows local users to execute arbitrary code with elevated privileges. By exploiting this vulnerability, an attacker can manipulate the service's configuration to run malicious exec...

PoC for CVE-2020-37061

Weird-solutions | Bootp Turbo | 8.5 HIGH
Unquoted Service Path Vulnerability in BOOTP Turbo by Weird Solutions

BOOTP Turbo 2.0.1214 is affected by an unquoted service path vulnerability that can be exploited by local attackers to potentially execute arbitrary code. By capitalizing on the improperly formatted service path, attackers can inject malicious code which is executed with elevated permissions when...

PoC for CVE-2020-37045

Veritas | Netbackup | 8.5 HIGH
Unquoted Service Path Vulnerability in Veritas NetBackup INET Daemon

Veritas NetBackup 7.0 is vulnerable due to an unquoted service path in the NetBackup INET Daemon service. Local users can exploit this vulnerability to execute arbitrary code with elevated LocalSystem privileges by manipulating the unquoted path located at C:\Program Files\Veritas\NetBackup\bin\b...

PoC for CVE-2020-37047

Deepinstinct | Deep Instinct Windows ... | 8.5 HIGH
Unquoted Service Path Vulnerability in Deep Instinct Windows Agent

The Deep Instinct Windows Agent 1.2.29.0 is affected by an unquoted service path vulnerability in its DeepMgmtService. This flaw permits local users to potentially execute arbitrary code with elevated privileges. The unquoted path located in C:\Program Files\HP Sure Sense\DeepMgmtService.exe can ...

PoC for CVE-2020-37037

Avast | Avast Secureline | 8.5 HIGH
Unquoted Service Path Vulnerability in Avast SecureLine VPN

The Avast SecureLine VPN version 5.5.522.0 is susceptible to an unquoted service path vulnerability. This flaw may allow local users to execute arbitrary code with elevated system privileges by taking advantage of the improperly formatted service path in the software's configuration. Attackers ca...

Discovered 22 hours ago

PoC for CVE-2025-2304

Owen2345 | Camaleon-cms | 9.4 CRITICAL
Privilege Escalation Flaw in Camaleon CMS

A critical issue in Camaleon CMS's UsersController, specifically in the 'updated_ajax' method, enables privilege escalation due to the improper handling of parameters. The vulnerability arises from the use of the permit! method, which fails to filter input, allowing all parameters to be processed...

Discovered 23 hours ago

PoC for CVE-2023-54343

Qwe Labs | Qwe Dl | 5.1 MEDIUM
Persistent Input Validation Flaw in QWE DL 2.0.1 Mobile App by QWE

The QWE DL 2.0.1 mobile web application is susceptible to a persistent input validation vulnerability that allows remote attackers to inject malicious scripts through manipulated path parameters. This flaw enables attackers to execute persistent cross-site scripting (XSS) attacks, which can compr...

PoC for CVE-2022-50952

Banco De Guayaquil | Banco Guayaquil | 5.1 MEDIUM
Persistent Cross-Site Scripting in Banco Guayaquil iOS Mobile App

The Banco Guayaquil mobile iOS application version 8.0.0 contains a persistent cross-site scripting vulnerability that can be exploited via the TextBox Name Profile input field. Attackers can send specially crafted POST requests to inject malicious scripts that will execute within the application...

PoC for CVE-2022-50951

Smarterdroid | Wifi File Transfer | 5.1 MEDIUM
Persistent Cross-Site Scripting in WiFi File Transfer by Dooblou

WiFi File Transfer version 1.0.8 is susceptible to a persistent cross-site scripting vulnerability, which permits remote attackers to inject harmful script code through file and folder names. This flaw takes advantage of the web server's input validation inadequacies, enabling malicious JavaScri...

PoC for CVE-2021-47921

Author: Scott Fer... | Free Photo & Video Vau... | 7.1 HIGH
Directory Traversal Vulnerability in Free Photo & Video Vault by Apple

The Free Photo & Video Vault app version 0.0.2 is susceptible to a directory traversal vulnerability that allows remote attackers to manipulate application path requests. This flaw can be exploited to retrieve sensitive system files and environment variables without requiring any user privileges,...

PoC for CVE-2022-50950

Product Owner: We... | Webile | 7.1 HIGH
Directory Traversal Vulnerability in Webile by TechPrd

Webile version 1.0.1 includes a flaw that allows unauthenticated remote attackers to exploit directory traversal, enabling them to manipulate file system paths. This critical gap can expose sensitive directories and potentially lead to unauthorized access to the mobile device's local file system,...

Discovered 1 day ago

PoC for CVE-2022-50940

Ajay138 | Knap Advanced PHP Login | 5.1 MEDIUM
Persistent Cross-Site Scripting in Knap Advanced PHP Login by Knap

Knap Advanced PHP Login version 3.1.3 is susceptible to a persistent cross-site scripting (XSS) vulnerability, allowing attackers to inject harmful scripts via the name parameter. Exploitation of this flaw can result in executing arbitrary scripts within the user interface and activity log backen...

PoC for CVE-2022-50941

Mrplugins | Bootcommerce | 5.1 MEDIUM
Persistent Input Validation Vulnerability in BootCommerce by BootCo...

BootCommerce 3.2.1 features a persistent input validation flaw that allows attackers to inject malicious script code through unchecked guest order checkout fields. This vulnerability enables the execution of arbitrary scripts, which can lead to serious security breaches including session hijackin...

PoC for CVE-2022-50942

Inciga | Inciga Web | 4.8 MEDIUM
Client-Side Cross-Site Scripting Vulnerability in Icinga Web by Icinga

Icinga Web 2.8.2 is vulnerable to a client-side cross-site scripting (XSS) flaw that allows remote attackers to inject malicious scripts via the icinga.min.js file. The vulnerability stems from improper handling of events in the EventListener.handleEvent method. Exploitation of this vulnerability...

PoC for CVE-2022-50797

WordPress | Stripe Green Downloads | 5.1 MEDIUM
Persistent Cross-Site Scripting in Stripe Green Downloads Plugin fo...

The Stripe Green Downloads WordPress Plugin version 2.03 has a persistent cross-site scripting vulnerability. This flaw allows remote attackers to inject malicious scripts into button label fields. By exploiting this vulnerability, attackers can manipulate input parameters to execute arbitrary sc...

PoC for CVE-2021-47920

Webmo, Llc | Webmo Job Manager | 4.8 MEDIUM
Cross-Site Scripting Vulnerability in WebMO Job Manager by WebMO

WebMO Job Manager 20.0 is susceptible to a cross-site scripting (XSS) vulnerability that arises from inadequately sanitized input in search parameters. This flaw enables remote attackers to inject harmful scripts into the application. By exploiting the filterSearch and filterSearchType parameters...

PoC for CVE-2021-47917

SimplePHPscripts | Simple Cms | 5.1 MEDIUM
Persistent Cross-Site Scripting in Simple CMS 2.1 by Simple PHP Scr...

Simple CMS 2.1 contains a persistent cross-site scripting vulnerability that could enable remote attackers to inject malicious scripts through user input parameters. This exploitation can occur within the newUser and editUser modules, allowing attackers to execute injected scripts on user list pr...

PoC for CVE-2021-47919

SimplePHPscripts | Simple Cms | 5.1 MEDIUM
Non-Persistent Cross-Site Scripting Vulnerability in Simple CMS by ...

The Simple CMS 2.1 version is subject to a non-persistent cross-site scripting (XSS) vulnerability that allows attackers to inject malicious scripts via the 'id' parameter in the preview.php file. This exploitation occurs through a simple GET request, enabling the execution of arbitrary scripts t...

PoC for CVE-2021-47918

SimplePHPscripts | Simple Cms | 8.6 HIGH
Remote SQL Injection Vulnerability in Simple CMS by Simple PHP Scripts

Simple CMS 2.1 is vulnerable to a remote SQL injection that enables attackers with administrative privileges to execute arbitrary SQL commands. This vulnerability stems from inadequate input validation in the admin.php file, specifically in the users module. By exploiting this flaw, a malicious a...

PoC for CVE-2021-47915

PHPsugar | PHP Melody | 8.6 HIGH
Remote SQL Injection Vulnerability in PHP Melody Video Edit Module

PHP Melody version 3.0 is susceptible to a remote SQL injection vulnerability found within its video editing module. This flaw enables authenticated attackers to exploit the unvalidated 'vid' parameter, leading to the execution of arbitrary SQL commands on the database. If successful, this can re...

PoC for CVE-2021-47913

PHPsugar | PHP Melody | 5.1 MEDIUM
Persistent Cross-Site Scripting in PHP Melody Video Editor by PHP M...

PHP Melody 3.0 is vulnerable to a persistent cross-site scripting attack through its video editor feature. Privileged users can exploit the WYSIWYG editor to inject malicious scripts, which may lead to session hijacking and manipulation of application content. Securing this application against su...

PoC for CVE-2021-47914

PHPsugar | PHP Melody | 5.1 MEDIUM
Persistent Cross-Site Scripting Vulnerability in PHP Melody 3.0

PHP Melody version 3.0 is affected by a persistent cross-site scripting vulnerability located in the 'edit-video.php' submitted parameter. This security flaw enables remote attackers to inject malicious JavaScript code. If exploited, this vulnerability could facilitate unauthorized access to user...

PoC for CVE-2021-47911

Jdwebdesigner | Affiliate Pro | 4.8 MEDIUM
Reflected Cross-Site Scripting in Affiliate Pro by JD Web Designer

Affiliate Pro version 1.7 has multiple reflected cross-site scripting vulnerabilities within the index module's input fields. Attackers are able to inject malicious scripts through the fullname, username, and email parameters. This could lead to client-side attacks, allowing unauthorized manipula...

PoC for CVE-2021-47909

Techraft | Digital Multivendor Ma... | 8.6 HIGH
SQL Injection Vulnerability in Mult-E-Cart Ultimate by Multecart

Mult-E-Cart Ultimate version 2.4 is susceptible to multiple SQL injection vulnerabilities across its inventory, customer, vendor, and order modules. This flaw allows remote attackers who possess privileged vendor or administrative roles to manipulate the 'id' parameter, enabling them to execute a...

PoC for CVE-2021-47912

PHPsugar | PHP Melody | 5.1 MEDIUM
Non-Persistent Cross-Site Scripting in PHP Melody by PHP Melody

PHP Melody version 3.0 is vulnerable to multiple non-persistent cross-site scripting (XSS) attacks, particularly within the categories, import, and user import functionalities. Attackers can exploit these vulnerabilities by injecting malicious scripts through unvalidated parameters. This can lead...

PoC for CVE-2021-47885

Criticalgears | Paypal Pro Payment Ter... | 5.1 MEDIUM
Non-Persistent Cross-Site Scripting in Multiple Payment Terminals f...

Multiple payment terminal versions have been found to be susceptible to non-persistent cross-site scripting (XSS) vulnerabilities, specifically within the billing and payment information input fields. This vulnerability allows attackers to inject malicious scripts through vulnerable parameters. I...

PoC for CVE-2021-47908

Thewebfosters | Ultimate POS | 5.1 MEDIUM
Persistent Cross-Site Scripting in Ultimate POS by Ultimate Fosters

Ultimate POS 4.4 is prone to a persistent cross-site scripting vulnerability that affects the product name parameter. This flaw enables remote attackers to inject malicious scripts via the product addition or editing functions. By exploiting this vulnerability, attackers can execute arbitrary Jav...

PoC for CVE-2021-47856

Netart Media | Easy Cart Shopping Cart | 5.1 MEDIUM
Cross-Site Scripting Vulnerability in Easy Cart Shopping Cart 2021 ...

The Easy Cart Shopping Cart 2021 application is vulnerable to a non-persistent cross-site scripting (XSS) attack in the search module's keyword parameter. This vulnerability allows remote attackers to inject malicious script code through the search input, potentially compromising user sessions an...

PoC for CVE-2022-0847

Linux | Kernel | 🟣 EPSS 84% | 7.8 HIGH
Privilege Escalation Vulnerability in Linux Kernel by Red Hat

A vulnerability exists in the Linux kernel related to improper initialization of the 'flags' member of the new pipe buffer structure. This absence of proper initialization in the copy_page_to_iter_pipe and push_pipe functions can result in the presence of stale values. As a consequence, an unpriv...

PoC for CVE-2025-2304

Owen2345 | Camaleon-cms | 9.4 CRITICAL
Privilege Escalation Flaw in Camaleon CMS

A critical issue in Camaleon CMS's UsersController, specifically in the 'updated_ajax' method, enables privilege escalation due to the improper handling of parameters. The vulnerability arises from the use of the permit! method, which fails to filter input, allowing all parameters to be processed...

PoC for CVE-2025-2304

Owen2345 | Camaleon-cms | 9.4 CRITICAL
Privilege Escalation Flaw in Camaleon CMS

A critical issue in Camaleon CMS's UsersController, specifically in the 'updated_ajax' method, enables privilege escalation due to the improper handling of parameters. The vulnerability arises from the use of the permit! method, which fails to filter input, allowing all parameters to be processed...

PoC for CVE-2025-48384

Git | Git | 8.1 HIGH
Code Execution Risk in Git Due to Submodule Path Handling

A vulnerability exists in Git that affects how configuration values are read and written, particularly regarding trailing carriage returns. When a submodule path includes a trailing carriage return, it is altered when read back, which can cause the submodule to be checked out to an incorrect loca...

PoC for CVE-2024-32002

Git | Git | 🟣 EPSS 80% | 9.1 CRITICAL
Git vulnerability in submodules can be exploited to execute malicio...

A vulnerability exists in earlier versions of Git that affects the handling of repositories with submodules. Specifically, it can be exploited to redirect file writes to the `.git/` directory rather than the intended submodule's worktree. This exploit enables the potential execution of unauthoriz...

PoC for CVE-2024-32002

Git | Git | 🟣 EPSS 80% | 9.1 CRITICAL
Git vulnerability in submodules can be exploited to execute malicio...

A vulnerability exists in earlier versions of Git that affects the handling of repositories with submodules. Specifically, it can be exploited to redirect file writes to the `.git/` directory rather than the intended submodule's worktree. This exploit enables the potential execution of unauthoriz...

Discovered 2 days ago

PoC for CVE-2026-25069

Sunfounder | Pironman Dashboard (pm... | 9.3 CRITICAL
Path Traversal Vulnerability in SunFounder Pironman Dashboard

The SunFounder Pironman Dashboard (pm_dashboard) versions 1.3.13 and earlier are susceptible to a path traversal vulnerability in their log file API endpoints. An unauthenticated remote attacker may exploit this security flaw by providing traversal sequences through the filename parameter, enabli...

PoC for CVE-2026-22807

Vllm-project | Vllm | 8.8 HIGH
Arbitrary Code Execution Vulnerability in vLLM by vLLM Project

The vLLM inference and serving engine for large language models has a vulnerability that allows arbitrary code execution. Versions from 0.10.1 up to, but not including, 0.14.0 are susceptible. The issue arises when vLLM loads dynamic modules from Hugging Face without proper validation of the `tru...

PoC for CVE-2026-21509

Microsoft | Microsoft Office 2019 | 7.8 HIGH
Security Feature Bypass in Microsoft Office

A vulnerability exists in Microsoft Office that allows attackers to manipulate untrusted inputs, enabling them to bypass critical security measures locally. This flaw can expose systems to unauthorized actions, compromising the integrity of sensitive data. It is crucial for users to apply the lat...