PoCLand

// underground exploit database v2.0

POCLAND
CVEs · PoCs · Research
root@pocland:~$
BROWSE POCS READ BLOG
0
CVEs
0
Contributors
0
Blog Posts

// RECENT_POCS

VIEW_ALL

CVE-2025-49144

HIGH
12/6/2025CVSS: 7.3

Notepad++ v8.8.1 - Privilege Escalation

1 PoCs Available
VIEW DETAILS_

CVE-2025-55182

CRITICAL
12/3/2025CVSS: 9.8

Remote code execution in React Server Components and Next.js

1 PoCs Available
VIEW DETAILS_

CVE-2025-25257

CRITICAL
7/17/2025CVSS: 9.8

An improper neutralization of special elements used in an SQL command (SQLI) vulnerability [CWE-89] in Fortinet FortiWeb version 7.6.0

1 PoCs Available
VIEW DETAILS_

CVE-2025-5777

CRITICAL
6/17/2025CVSS: 9.3

Insufficient input validation leading to memory overread

1 PoCs Available
VIEW DETAILS_

CVE-2025-3248

CRITICAL
4/7/2025CVSS: 9.8

Langflow exposes a /api/v1/builder/execute_code endpoint that takes user-supplied Python code and passes it directly to exec() on the backend. Since there's no authentication or sandboxing, attackers can craft arbitrary payloads for code execution.

1 PoCs Available
VIEW DETAILS_

CVE-2025-24893

CRITICAL
2/20/2025CVSS: 9.8

Unauthenticated RCE vulnerability affecting the XWiki

1 PoCs Available
VIEW DETAILS_

// LATEST_RESEARCH

ALL_POSTS
PoCLandSecurityResearch

Introducción a PoCLand: La Base de Datos Underground de Exploits

Qué es PoCLand, cómo funciona y por qué creamos este proyecto para centralizar los PoCs de vulnerabilidades conocidas.

Mil4neMil4ne
4/1/2025