CVE-2024-1813 - Simple Job Board ≤ 2.11.0 WordPress - Unauthenticated PHP Object Injection 🎥 Proof-of-Concept demo End-to-end: a guest stores a se...
CVE-2026-41089 ██████╗██╗ ██╗███████╗ ██╗ ██╗ ██╗ ██████╗ ██████╗ ██╔════╝██║ ██║██╔════╝ ██║ ██║███║██╔═████╗██╔═████╗ ██║ ██║ ██║█████╗ ███████║╚...
SentinelWeb — Automated Web Security Audits...
CVE-2026-6815: Casdoor 3.54.1 Path Traversal & Arbitrary File Write Authenticated This repository contains a Proof of Concept PoC exploit for CVE-2...
FastNetMon Community Edition through 1.2.9 contains an out-of-bounds read in the IPv4 packet parser. In src/simple_packet_parser_ng.cpp, after vali...
Mercusys AC12G (EU) V1 with firmware AC12G(EU)_V1_200909 contains hardcoded WiFi driver credentials including a RADIUS shared secret, WPS test key,...
Mercusys AC12G (EU) V1 with firmware AC12G(EU)_V1_200909 enables WPS 2.0 by default with a weak lockout policy (60-second lockout after 10 attempts).
Version 3.0.7 of the Securly Chrome Extension dynamically registers content13.min.js as a content script via chrome.scripting.registerContentScript...
Version 3.0.7 of the Securly Chrome Extension exposes multiple publicly accessible endpoints that allow unauthenticated access to sensitive data. T...
Version 3.0.7 of the Securly Chrome Extension contains hardcoded, plaintext AES passphrases in securly.min.js. These keys decrypt crisis alert keyw...
AI-powered asset discovery, dark web monitoring, CVE alerting, and vulnerability scanning — all in one platform.
