This Metasploit module exploits an unauthenticated remote code execution vulnerability in the AVideos notify.ffmpeg.json.php endpoint. The vulnerab...
Control Web Panel CWP versions less than or equal to 0.9.8.1208 are vulnerable to unauthenticated OS command injection. User input passed via the "...
This Metasploit module exploits a critical remote code execution vulnerability CVE-2025-68613 in the n8n workflow automation platform. The vulnerab...
This Metasploit module exploits a command injection vulnerability in Web-Check's /api/screenshot endpoint. The directChromiumScreenshot function us...
LibreChat's Model Context Protocol MCP implementation contained a remote command execution vulnerability that allowed any authenticated user to exe...
In Eptura Archibus versions before version 2025.01, the "Run script" and "Server File" components of the "Database Update Wizard" are vulnerable to...
Hustle plugin versions 7.8.3 and below contain hardcoded HubSpot API credentials in inc/providers/hubspot/hustle-hubspot-api.php...
This Metasploit module exploits an unrestricted file upload vulnerability in Prison Management System version 1.0. An authenticated user can upload...
This Metasploit module exploits an unserialization flaw by creating a userstory in a project...
WordPress Quiz Maker plugin versions 6.7.0.56 and below suffer from a remote SQL injection vulnerability...
AI-powered asset discovery, dark web monitoring, CVE alerting, and vulnerability scanning — all in one platform.
