15-02-2022 |
CVE-2022-24977 - ImpressCMS path traversal to pre-auth RCE |
15-02-2022 |
CVE-2022-24977 - ImpressCMS path traversal to pre-auth RCE |
12-02-2022 |
impressCMS - unauthenticated code execution |
07-12-2021 |
CVE-2020-36474 - Vanilla SSRF |
23-11-2021 |
Moodle Blind SQL injection via MNet authentication |
22-10-2021 |
Moodle - Stored XSS and blind SSRF possible via feedback answer text |
20-08-2021 |
Vanilla - SSRF via media scrape API through dns rebinding |
22-07-2021 |
CVE-2021-36396 - Moodle Blind SSRF possible against cURL blocked hosts |
17-05-2021 |
CVE-2021-32474 - Moodle Blind SQL injection via MNet authentication |
17-05-2021 |
3kCTF-2021 - ppaste writeup |
31-12-2020 |
CVE-2020-36474 - safecurl <= 3.3, vanilla forum <= 0.9.2 dns rebind to ssrf |
29-09-2020 |
CVE-2020-26134 - Live Helper Chat before 3.44v - stored xss |
25-07-2020 |
3kCTF-2020 - reporter writeup |
25-07-2020 |
3kCTF-2020 - Glitch writeup |
25-07-2020 |
3kCTF-2020 - Glitch exploit |
14-05-2020 |
CVE-2020-12720 - Vbulletin RCE |