Multilaser Router RE018 AC1200 – Cross-Site Request Forgery (Enable Remote Access)
>> TAG: #remote exploit
Multilaser Router RE018 AC1200 – Cross-Site Request Forgery (Enable Remote Access)
WordPress Plugin RSS for Yandex Turbo 1.29 – Stored Cross-Site Scripting (XSS)
BlackCat CMS 1.3.6 – ‘Multiple’ Stored Cross-Site Scripting (XSS)
Discourse 2.7.0 – Rate Limit Bypass leads to 2FA Bypass
Tenda D151 & D301 – Configuration Download (Unauthenticated)
GetSimple CMS My SMTP Contact Plugin 1.1.1 – CSRF to RCE
Horde Groupware Webmail 5.2.22 – Stored XSS
Tileserver-gl 3.0.0 – ‘key’ Reflected Cross-Site Scripting (XSS)
Digital Crime Report Management System 1.0 – SQL Injection (Authentication Bypass)
CITSmart ITSM 9.1.2.22 – LDAP Injection