All

03-02-2024 CVE CVE-2023-39297 - QTS 5.1.x, 4.5.x; QuTS hero h5.1.x, h4.5.x; QuTScloud 5.x OS Command Injection
03-02-2024 CVE CVE-2023-39303 - QTS 5.1.x, QuTS hero h5.1.x, QuTScloud 5.x Improper Authentication
03-02-2024 CVE CVE-2023-39302 - QTS 5.1.x, QuTS hero h5.1.x, QuTScloud 5.x OS Command Injection
03-02-2024 CVE CVE-2023-41281 - QTS 5.1.x, QuTS hero h5.1.x, QuTScloud 5.x OS Command Injection
03-02-2024 CVE CVE-2023-41282 - QTS 5.1.x, QuTS hero h5.1.x, QuTScloud 5.x OS Command Injection
03-02-2024 CVE CVE-2023-41283 - QTS 5.1.x, QuTS hero h5.1.x, QuTScloud 5.x OS Command Injection
06-01-2024 CVE CVE-2023-39294 - QTS 5.1.x, QuTS hero h5.1.x OS Command Injection
24-12-2023 POST Remedy Invitational Challenge Writeup
10-11-2023 CVE CVE-2023-41285 - QNAP Qumagie < 2.1.4 SQL Injection
10-11-2023 CVE CVE-2023-41284 - QNAP Qumagie < 2.1.4 SQL Injection
10-11-2023 CVE CVE-2023-39295 - QNAP Qumagie < 2.1.3 OS command injection
27-04-2023 CVE CVE-2023-2336 - Pimcore Path Traversal in Asset "import from server" option
27-04-2023 CVE CVE-2023-2338 - Pimcore SQL Injection in AssetController
13-04-2023 CVE CVE-2023-29506 - XWIKI RXSS with authenticate endpoints
13-12-2022 CVE CVE-2022-46391 - Awstats hostinfo reflected XSS
22-11-2022 CVE CVE-2022-45152 - Moodle Blind SSRF in LTI provider library
13-08-2022 CVE CVE-2022-3967 - VestaCP func/main.sh argument injection
18-07-2022 CVE CVE-2022-35651 - Moodle Stored XSS and blind SSRF possible via SCORM track
18-05-2022 EXPLOIT VestaCP Multiple vulnerabilities
26-04-2022 POST VestaCP Multiple Vulnerabilities
15-02-2022 EXPLOIT CVE-2022-24977 - ImpressCMS path traversal to pre-auth RCE
15-02-2022 CVE CVE-2022-24977 - ImpressCMS path traversal to pre-auth RCE
12-02-2022 POST impressCMS - unauthenticated code execution
07-12-2021 EXPLOIT CVE-2020-36474 - Vanilla SSRF
05-12-2021 POST HITCON CTF 2021 Metamon-Verse Writeup
23-11-2021 POST Moodle Blind SQL injection via MNet authentication
22-10-2021 POST Moodle - Stored XSS and blind SSRF possible via feedback answer text
20-08-2021 POST Vanilla - SSRF via media scrape API through dns rebinding
09-08-2021 POST Roxy-WI through 5.2.2.0 pre-auth RCE
07-08-2021 CVE CVE-2021-38169 - Roxy-WI through 5.2.2.0 allows authenticated cmd Injection
07-08-2021 CVE CVE-2021-38168 - Roxy-WI through 5.2.2.0 allows authenticated SQL injection
07-08-2021 CVE CVE-2021-38167 - Roxy-WI through 5.2.2.0 allows unauthenticated SQL Injection
22-07-2021 CVE CVE-2021-36396 - Moodle Blind SSRF possible against cURL blocked hosts
17-05-2021 CVE CVE-2021-32474 - Moodle Blind SQL injection via MNet authentication
17-05-2021 EXPLOIT 3kCTF-2021 - babyrtos exploit
17-05-2021 EXPLOIT 3kCTF-2021 - telnet exploit
17-05-2021 POST 3kCTF-2021 - ppaste writeup
16-03-2021 CVE CVE-2021-20280 - Moodle Stored XSS and blind SSRF via feedback answer text
11-01-2021 POST h1CTF - HackyHolidays walkthrough
31-12-2020 POST iceCTF-2020 - krouter writeup
31-12-2020 CVE CVE-2020-36474 - safecurl <= 3.3, vanilla forum <= 0.9.2 dns rebind to ssrf
29-09-2020 CVE CVE-2020-26134 - Live Helper Chat before 3.44v - stored xss
25-07-2020 POST 3kCTF-2020 - babym1ps writeup
25-07-2020 EXPLOIT 3kCTF-2020 - babym1ps exploit
25-07-2020 POST 3kCTF-2020 - reporter writeup
25-07-2020 POST 3kCTF-2020 - Glitch writeup
25-07-2020 EXPLOIT 3kCTF-2020 - Glitch exploit
14-05-2020 EXPLOIT CVE-2020-12720 - Vbulletin RCE

CONTACT



rekter0 © 2024