Ransomware Negotiator Pleads Guilty to Aiding BlackCat Attacks in 2023

A third individual who was employed as a ransomware negotiator has pleaded guilty to conducting ransomware attacks against U.S. companies in 2023. Angelo Martino , 41, of Land O'Lakes, Florida, teamed up with the operators of the BlackCat ransomware starting in April 2023 to assist the e-crime ga...

WordPress Meris theme <= 1.2.2 - Reflected XSS vulnerability

Reflected XSS vulnerability discovered by Angelo Delicato in WordPress Theme Meris versions = 1.1.2...

EUVD-2008-2044

Malware in sbrugna...

EUVD-2008-2045

Malware in sbrugna...

EUVD-2025-10560

Malicious code in bioql PyPI...

EUVD-2025-28337

Malicious code in bioql PyPI...

CVE-2025-49984

Server-Side Request Forgery SSRF vulnerability in blubrry PowerPress Podcasting powerpress allows Server Side Request Forgery.This issue affects PowerPress Podcasting: from n/a through = 11.13.11...

CVE-2025-32690 WordPress PowerPress Podcasting <= 11.12.5 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Angelo Mandato PowerPress Podcasting allows DOM-Based XSS.This issue affects PowerPress Podcasting: from n/a through 11.12.5...

CVE-2025-32691

CVE-2025-32691: PowerPress Podcasting (Blubrry) WordPress plugin exposed SSRF. Affected: PowerPress Podcasting

Exploit for CVE-2024-21534

Vulnerability Information: CVE-2024-21534 The jsonpath-plus...

Judging Management System v1.0 - Remote Code Execution Exploit

Exploit Title: Judging Management System v1.0 - Remote Code Execution RCE Exploit Author: Angelo Pio Amirante Vendor Homepage: https://www.sourcecodester.com/ Software Link: https://www.sourcecodester.com/php/15910/judging-management-system-using-php-and-mysql-free-source-code.html Version: 1.0...

Judging Management System 1.0 Shell Upload

Exploit Title: Judging Management System v1.0 - Remote Code Execution RCE Date: 12/11/2022 Exploit Author: Angelo Pio Amirante Vendor Homepage: https://www.sourcecodester.com/ Software Link: https://www.sourcecodester.com/php/15910/judging-management-system-using-php-and-mysql-free-source-code.ht...

angelo-jp.com Cross Site Scripting vulnerability OBB-2766451

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

WordPress WP Upload Restriction plugin <= 2.2.3 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability

Authenticated Stored Cross-Site Scripting XSS vulnerability discovered by Angelo Righi in WordPress WP Upload Restriction plugin versions = 2.2.3. Solution Update the WordPress WP Upload Restriction plugin to the latest available version at least 2.2.4...

Rapid7 Nexpose Installer 6.6.39 - &#039;nexposeengine&#039; Unquoted Service Path

Exploit Title: Rapid7 Nexpose Installer 6.6.39 - 'nexposeengine' Unquoted Service Path Date: 2020-08-31 Exploit Author: Angelo D'Amato Vendor Homepage: https://www.rapid7.com Version: sc qc nexposeengine SC QueryServiceConfig SUCCESS SERVICENAME: nexposeengine TYPE : 10 WIN32OWNPROCESS STARTTYPE ...

Rapid7 Nexpose Installer 6.6.39 Local Privilege Escalation

Rapid7 Nexpose Installer 6.6.39 Local Privilege Escalation Vendor: Rapid7 Product web page: https://www.rapid7.com Affected version: sc qc nexposeengine SC QueryServiceConfig SUCCESS SERVICENAME: nexposeengine TYPE : 10 WIN32OWNPROCESS STARTTYPE : 2 AUTOSTART ERRORCONTROL : 0 IGNORE BINARYPATHNAM...

Rapid7 Nexpose Installer 6.6.39 Local Privilege Escalation Vulnerability

Rapid7 Nexpose Installer version 6.6.39 suffers from a local privilege escalation vulnerability. Rapid7 Nexpose Installer 6.6.39 Local Privilege Escalation Vendor: Rapid7 Product web page: https://www.rapid7.com Affected version: sc qc nexposeengine SC QueryServiceConfig SUCCESS SERVICENAME:...

angelo-cremona.com Cross Site Scripting vulnerability

Security Researcher Zodx Helped patch 35 vulnerabilities Received 1 Coordinated Disclosure badges , a holder of 1 badges for responsible and coordinated disclosure, found a security vulnerability affecting angelo-cremona.com website and its users. Following coordinated and responsible vulnerabili...

BSI Advance Hotel Booking System 2.0 - (booking_details.php) Persistent Cross-Site Scripting Vulnera

Exploit for php platform in category web applications Exploit Title:BSI Advance Hotel Booking System Persistent XSS Google Dork: intext:Hotel Booking System v2.0 © 2008 - 2012 Copyright Best Soft Inc Exploit Author: Angelo Ruwantha Vendor Homepage: http://www.bestsoftinc.com Software Link:...

Cisco Adaptive Security Appliance - Path Traversal Exploit

Exploit for hardware platform in category web applications require 'msf/core' class MetasploitModule "Cisco Adaptive Security Appliance - Path Traversal", 'Description' = %q Cisco Adaptive Security Appliance - Path Traversal CVE-2018-0296 A security vulnerability in Cisco ASA that would allow an...