NodeBB v4.3.0 is vulnerable to SQL injection in its search-categories API endpoint (/api/v3/search/categories). The search query parameter is not p...
An issue was discovered in simple-admin-core v1.2.0 thru v1.6.7. The /sys-api/role/update interface in the simple-admin-core system has a limited S...
In FoxCMS 1.2.6, there is a reflected Cross Site Scripting (XSS) vulnerability in /index.php/plus.
Cross-Site Request Forgery (CSRF) vulnerability in GeroNikolov Instant Breaking News allows Stored XSS. This issue affects Instant Breaking News: f...
Deserialization of Untrusted Data vulnerability in enituretechnology Small Package Quotes – USPS Edition allows Object Injection. This issue affect...
Metasploit Framework Cheatsheet Introduction Metasploit is...
SQL Injection vulnerability exists in the sortKey parameter of the GET /api/v1/wanted/cutoff API endpoint in readarr 0.4.15.2787. The endpoint fail...
CVE-2025-8088: WinRAR’s Zero-Day Path Traversal — From Zero to Pwn 🗿 Intro – The “Old Friend”...
CVE-2025-8088 WinRAR Exploit 🔓 A proof-of-concept exploit for WinRAR vulnerability...
OPNsense 25.1 contains an authenticated command injection vulnerability in its Bridge Interface Edit endpoint (interfaces_bridge_edit.php). The spa...
AI-powered asset discovery, dark web monitoring, CVE alerting, and vulnerability scanning — all in one platform.