Posts

Microsoft Spooler Local Privilege Elevation

Microsoft SQL Server Reporting Services 2016 Remote Code Execution

Microsoft Exchange Server DlpUtils AddTenantDlpPolicy Remote Code Execution

Mida Solutions eFramework ajaxreq.php Command Injection

1CRM 8.6.7 Insecure Direct Object Reference

Acronis Cyber Backup 12.5 Build 16341 Server-Side Request Forgery

Piwigo 2.10.1 Cross Site Scripting

Zerologon Proof Of Concept

ModSecurity 3.0.x Denial Of Service

TOR Virtual Network Tunneling Tool 0.4.4.5

ThinkAdmin 6 Arbitrary File Read

Tailor MS 1.0 Cross Site Scripting

CVE-2020-1472 - Impacket library to test vulnerability for the Zerologon exploit

Joomla! paGO Commerce 2.5.9.0 SQL Injection

Pearson Vue VTS 2.3.1911 Unquoted Service Path

RAD SecFlow-1v SF_0290_2.3.01.26 Cross Site Request Forgery

Rapid7 Nexpose Installer 6.6.39 Unquoted Service Path

RAD SecFlow-1v SF_0290_2.3.01.26 Cross Site Scripting

Linux expand_downwards() / munmap() Race Condition