BlackCat CMS 1.3.6 – ‘Multiple’ Stored Cross-Site Scripting (XSS) 1 min read Exploit/Advisories Vulnerabilties BlackCat CMS 1.3.6 – ‘Multiple’ Stored Cross-Site Scripting (XSS) admin April 21, 2021 # Exploit Title: BlackCat CMS 1.3.6 - 'Multiple' Stored Cross-Site Scripting (XSS) # Date: 04/07/2021 # Exploit...Read More
Discourse 2.7.0 – Rate Limit Bypass leads to 2FA Bypass 1 min read Exploit/Advisories Vulnerabilties Discourse 2.7.0 – Rate Limit Bypass leads to 2FA Bypass admin April 21, 2021 # Exploit Title: Discourse 2.7.0 - Rate Limit Bypass leads to 2FA Bypass # Date: 14/01/2021 #...Read More
RemoteClinic 2 – ‘Multiple’ Cross-Site Scripting (XSS) 2 min read Exploit/Advisories Vulnerabilties RemoteClinic 2 – ‘Multiple’ Cross-Site Scripting (XSS) admin April 21, 2021 # Exploit Title: RemoteClinic 2 - 'Multiple' Cross-Site Scripting (XSS) # Exploit Author: nu11secur1ty # Debug: g3ck0dr1v3r...Read More
glFTPd 2.11a – Remote Denial of Service 2 min read Exploit/Advisories Vulnerabilties glFTPd 2.11a – Remote Denial of Service admin April 17, 2021 # Exploit Title: glFTPd 2.11a - Remote Denial of Service # Date: 15/05/2021 # Exploit Author: xynmaps...Read More
Horde Groupware Webmail 5.2.22 – Stored XSS 5 min read Exploit/Advisories Vulnerabilties Horde Groupware Webmail 5.2.22 – Stored XSS admin April 17, 2021 [*] [*]# Exploit Title: Horde Groupware Webmail 5.2.22 - Stored XSS # Author: Alex Birnberg # Testing...Read More
htmly 2.8.0 – ‘description’ Stored Cross-Site Scripting (XSS) 2 min read Exploit/Advisories Vulnerabilties htmly 2.8.0 – ‘description’ Stored Cross-Site Scripting (XSS) admin April 17, 2021 # Exploit Title: htmly 2.8.0 - 'description' Stored Cross-Site Scripting (XSS) # Authors: @nu11secur1ty & G.Dzhankushev #...Read More
Tileserver-gl 3.0.0 – ‘key’ Reflected Cross-Site Scripting (XSS) 1 min read Exploit/Advisories Vulnerabilties Tileserver-gl 3.0.0 – ‘key’ Reflected Cross-Site Scripting (XSS) admin April 17, 2021 # Exploit Title: Tileserver-gl 3.0.0 - 'key' Reflected Cross-Site Scripting (XSS) # Date: 15/04/2021 # Exploit Author:...Read More
jQuery 1.0.3 – Cross-Site Scripting (XSS) 1 min read Exploit/Advisories Vulnerabilties jQuery 1.0.3 – Cross-Site Scripting (XSS) admin April 14, 2021 # Exploit Title: jQuery 1.0.3 - Cross-Site Scripting (XSS) # Date: 04/29/2020 # Exploit Author: Central InfoSec...Read More
jQuery 1.2 – Cross-Site Scripting (XSS) 1 min read Exploit/Advisories Vulnerabilties jQuery 1.2 – Cross-Site Scripting (XSS) admin April 14, 2021 # Exploit Title: jQuery 1.2 - Cross-Site Scripting (XSS) # Date: 04/29/2020 # Exploit Author: Central InfoSec...Read More
ExpressVPN VPN Router 1.0 – Router Login Panel’s Integer Overflow 2 min read Exploit/Advisories Vulnerabilties ExpressVPN VPN Router 1.0 – Router Login Panel’s Integer Overflow admin April 13, 2021 # Exploit Title: ExpressVPN VPN Router 1.0 - Router Login Panel's Integer Overflow # Date: 09-04-2021 #...Read More
Blitar Tourism 1.0 – Authentication Bypass SQLi 1 min read Exploit/Advisories Vulnerabilties Blitar Tourism 1.0 – Authentication Bypass SQLi admin April 13, 2021 # Exploit Title: Blitar Tourism 1.0 - Authentication Bypass SQLi # Date: 13 April 2021 # Exploit...Read More
DMA Radius Manager 4.4.0 – Cross-Site Request Forgery (CSRF) 1 min read Exploit/Advisories Vulnerabilties DMA Radius Manager 4.4.0 – Cross-Site Request Forgery (CSRF) admin April 8, 2021 # Exploit Title: DMA Radius Manager 4.4.0 - Cross-Site Request Forgery (CSRF) # Date: April 8, 2021...Read More
Atlassian Jira Service Desk 4.9.1 – Unrestricted File Upload to XSS 1 min read Exploit/Advisories Vulnerabilties Atlassian Jira Service Desk 4.9.1 – Unrestricted File Upload to XSS admin April 7, 2021 # Exploit Title: Atlassian Jira Service Desk 4.9.1 - Unrestricted File Upload to XSS # Date: 07...Read More
Google Chrome 81.0.4044 V8 – Remote Code Execution 2 min read Exploit/Advisories Vulnerabilties Google Chrome 81.0.4044 V8 – Remote Code Execution admin April 6, 2021 # Exploit Title: Google Chrome 81.0.4044 V8 - Remote Code Execution # Date: 05/04/2021 # Exploit Author:...Read More
Google Chrome 86.0.4240 V8 – Remote Code Execution 1 min read Exploit/Advisories Vulnerabilties Google Chrome 86.0.4240 V8 – Remote Code Execution admin April 6, 2021 # Exploit Title: Google Chrome 86.0.4240 V8 - Remote Code Execution # Date: 05/04/2021 # Exploit Author:...Read More
phpPgAdmin 7.13.0 – COPY FROM PROGRAM Command Execution (Authenticated) 1 min read Exploit/Advisories Vulnerabilties phpPgAdmin 7.13.0 – COPY FROM PROGRAM Command Execution (Authenticated) admin April 1, 2021 # Exploit Title: phpPgAdmin 7.13.0 - COPY FROM PROGRAM Command Execution (Authenticated) # Date: 29/03/2021 # Exploit...Read More
Latrix 0.6.0 – ‘txtaccesscode’ SQL Injection 2 min read Exploit/Advisories Vulnerabilties Latrix 0.6.0 – ‘txtaccesscode’ SQL Injection admin April 1, 2021 # Exploit Title: Latrix 0.6.0 – 'txtaccesscode' SQL Injection # Date: 03/30/2021 # Exploit Author: cptsticky #...Read More
CourseMS 2.1 – ‘name’ Stored XSS 1 min read Exploit/Advisories Vulnerabilties CourseMS 2.1 – ‘name’ Stored XSS admin March 31, 2021 # Exploit Title: CourseMS 2.1 - 'name' Stored XSS # Date: 03/30/2021 # Exploit Author: cptsticky #...Read More
Openlitespeed 1.7.9 – ‘Notes’ Stored Cross-Site Scripting 1 min read Exploit/Advisories Vulnerabilties Openlitespeed 1.7.9 – ‘Notes’ Stored Cross-Site Scripting admin March 30, 2021 # Exploit Title: Openlitespeed 1.7.9 - 'Notes' Stored Cross-Site Scripting # Date: 3/30/2021 # Exploit Author: cmOs...Read More
Equipment Inventory System 1.0 – ‘multiple’ Stored XSS 1 min read Exploit/Advisories Vulnerabilties Equipment Inventory System 1.0 – ‘multiple’ Stored XSS admin March 29, 2021 # Exploit Title: Equipment Inventory System 1.0 - 'multiple' Stored XSS # Exploit Author: Jitendra Kumar Tripathi...Read More