Navigate CMS 2.9.4 – Server-Side Request Forgery (SSRF) (Authenticated)
>> ARCHIVE: 2022-05
Navigate CMS 2.9.4 – Server-Side Request Forgery (SSRF) (Authenticated)
Bitrix24 – Remote Code Execution (RCE) (Authenticated)
WordPress Plugin stafflist 3.1.2 – SQLi (Authenticated)
Joomla Plugin SexyPolling 2.1.7 – SQLi
WordPress Plugin Blue Admin 21.06.01 – Cross-Site Request Forgery (CSRF)
Beehive Forum – Account Takeover
MyBB 1.8.29 – MyBB 1.8.29 – Remote Code Execution (RCE) (Authenticated)
USR IOT 4G LTE Industrial Cellular VPN Router 1.0.36 – Remote Root Backdoor
PHProjekt PhpSimplyGest v1.3. – Stored Cross-Site Scripting (XSS)
Cyclos 4.14.7 – DOM Based Cross-Site Scripting (XSS)