Toggle navigation
Computer Forensics Bootcamp
Cyber Range
Contact
News
Exploits
[webapps] FortiWeb 8.0.2 - Remote Code Execution
[local] 7-Zip 24.00 - Directory Traversal
[webapps] xibocms 3.3.4 - RCE
[local] SQLite 3.50.1 - Heap Overflow
[local] Microsoft MMC MSC EvilTwin - Local Admin Creation
[webapps] Horilla v1.3 - RCE
[local] is-localhost-ip 2.0.0 - SSRF
[webapps] Fortinet FortiWeb v8.0.1 - Auth Bypass
[local] Windows Kernel - Elevation of Privilege
[local] Desktop Window Manager Core Library 10.0.10240.0 - Privilege Escalation
[webapps] ASP.net 8.0.10 - Bypass
[webapps] Grafana 11.6.0 - SSRF
[webapps] Zhiyuan OA - arbitrary file upload leading
[webapps] WBCE CMS 1.6.4 - Remote Code Execution
[webapps] RiteCMS 3.1.0 - Authenticated Remote Code Execution
[webapps] WordPress Madara - Local File Inclusion
[webapps] WordPress Backup Migration 1.3.7 - Remote Command Execution
[webapps] mailcow 2025-01a - Host Header Password Reset Poisoning
[webapps] Easy File Sharing Web Server v7.2 - Buffer Overflow
[webapps] WeGIA 3.5.0 - SQL Injection
[webapps] Boss Mini v1.4.0 - Local File Inclusion (LFI)
[webapps] motionEye 0.43.1b4 - RCE
[remote] Windows 10.0.17763.7009 - spoofing vulnerability
[local] glibc 2.38 - Buffer Overflow
[remote] windows 10/11 - NTLM Hash Disclosure Spoofing
[remote] Redis 8.0.2 - RCE
[webapps] OctoPrint 1.11.2 - File Upload
[remote] Ingress-NGINX Admission Controller v1.11.1 - FD Injection to RCE
[webapps] aiohttp 3.9.1 - directory traversal PoC
[webapps] FortiWeb Fabric Connector 7.6.x - SQL Injection to Remote Code Execution
[local] Docker Desktop 4.44.3 - Unauthenticated API Exposure
[webapps] Piranha CMS 12.0 - Stored XSS in Text Block
[webapps] RPi-Jukebox-RFID 2.8.0 - Stored Cross-Site Scripting (XSS)
[hardware] D-Link DIR-825 Rev.B 2.10 - Stack Buffer Overflow (DoS)
[webapps] RPi-Jukebox-RFID 2.8.0 - Remote Command Execution
[webapps] Siklu EtherHaul Series EH-8010 - Arbitrary File Upload
[webapps] Siklu EtherHaul Series EH-8010 - Remote Command Execution
[webapps] WordPress Quiz Maker 6.7.0.56 - SQL Injection
[webapps] Chained Quiz 1.3.5 - Unauthenticated Insecure Direct Object Reference via Cookie
[webapps] FreeBSD rtsold 15.x - Remote Code Execution via DNSSL
[webapps] Summar Employee Portal 3.98.0 - Authenticated SQL Injection
[webapps] esm-dev 136 - Path Traversal
[webapps] Pluck 4.7.7-dev2 - PHP Code Execution
[webapps] phpMyFAQ 2.9.8 - Cross-Site Request Forgery(CSRF)
[webapps] phpMyFAQ 2.9.8 - Cross-Site Request Forgery (CSRF)
[webapps] MaNGOSWebV4 4.0.6 - Reflected XSS
Last 20 Website Defacements - Zone-h
Advisories
