WordPress Contact List plugin versions 3.0.17 and below suffer from a persistent cross site scripting vulnerability...
WordPress Tutor LMS plugin versions 3.9.5 and below suffer from broken access control and insecure direct object reference vulnerabilities...
XiboCMS version 3.3.4 zip slip exploit that leverages path traversal and arbitrary file upload vulnerabilities to achieve code execution...
NetBT e-Fatura 2024 suffers from an unquoted service path vulnerability...
MyRewards β Loyalty Points and Rewards for WooCommerce versions 5.6.0 and below suffer from a missing authorization vulnerability that allows for p...
SQLite version 3.50.1 proof of concept that triggers a heap overflow in winsqlite3.dll via excessive aggregate functions...
RomM versions prior to 4.4.1 chained vulnerabilities exploit that leverages file upload to achieve cross site scripting that then leverages csrf to...
Proof of concept exploit that demonstrates user data exposure via an insecure direct object reference and missing access control vulnerabilities in...
Soosyze CMS 2.0 suffers from a missing authentication rateβlimiting vulnerability CWEβ307 on the /user/login endpoint. The application allows unlim...
This proof of concept demonstrates a security issue in wlc versions earlier than 1.17.0, where SSL/TLS certificate validation can be bypassed. By a...
AI-powered asset discovery, dark web monitoring, CVE alerting, and vulnerability scanning β all in one platform.
