(Pwn2Own) Synology BeeStation BST150-4T SQL Injection Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Synology BeeStation BST150-4T devices. Authentication is required to exploit this vulnerability. The specific flaw exists within the updatesettings command. The issue results from the lack ...

Fortinet FortiWeb cgi_xmlprotection_xmlschemafile_post Directory Traversal Arbitrary File Write Vulnerability

This vulnerability allows remote attackers to create arbitrary XML schema files on affected installations of Fortinet FortiWeb. Authentication is required to exploit this vulnerability. The specific flaw exists within the cgixmlprotectionxmlschemafilepost function. The issue results from the lack...

WordPress Feedbucket – Website Feedback Tool Plugin <= 1.0.6 - Cross Site Request Forgery (CSRF) vulnerability

Cross Site Request Forgery CSRF vulnerability discovered by Nguyen Xuan Chien in WordPress Plugin Feedbucket – Website Feedback Tool versions = 1.0.6...

CVE-2025-2008 Import Export Suite for CSV and XML Datafeed <= 7.19 - Authenticated (Subscriber+) Arbitrary File Upload

The Import Export Suite for CSV and XML Datafeed plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the importsinglepostascsv function in all versions up to, and including, 7.19. This makes it possible for authenticated attackers, with...

Exploit for CVE-2025-25705

CVE-2025-25705 Description Item: Product Vendor: freebsd...

CVE-2025-29928

CVE-2025-29928 concerns authentik, an open-source identity provider. When configured to use database-based session storage (not default), deleting sessions via the Web Interface or API would not revoke those sessions, allowing session holders continued access. This affects authentik versions prio...

CVE-2025-2257

The Total Upkeep – WordPress Backup Plugin plus Restore & Migrate by BoldGrid plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 1.16.10 via the compressionlevel setting. This is due to the plugin using the compressionlevel setting in procopen withou...

CVE-2025-23203 Icinga has rest API endpoints accessible to restricted users

Icinga Director is an Icinga config deployment tool. A Security vulnerability has been found starting in version 1.0.0 and prior to 1.10.4 and 1.11.4 on several director endpoints of REST API. To reproduce this vulnerability an authenticated user with permission to access the Director is required...

CVE-2024-10037

A vulnerability exists in the RTU500 web server component that can cause a denial of service to the RTU500 CMU application if a specially crafted message sequence is executed on a WebSocket connection. An attacker must be properly authenticated and the test mode function of RTU500 must be enabled...

(0Day) BEC Technologies Multiple Routers Cleartext Password Storage Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of BEC Technologies routers. Authentication is required to exploit this vulnerability. The specific flaw exists within the web-based user interface. The issue results from storing credentials in...

TranzAxis 3.2.41.10.26 Cross Site Scripting

TranzAxis version 3.2.41.10.26 suffers from a persistent cross site scripting vulnerability. Exploit Title: TranzAxis 3.2.41.10.26 - Stored Cross-Site Scripting XSS Authenticated Date: 10th, March, 2025 Exploit Author: ABABANK REDTEAM Vendor Homepage: https://compassplustechnologies.com/ Version:...

Microhard (CVE-2020-17407)

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microhard Bullet-LTE prior to v1.2.0-r1112. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of authentication headers. The issue results fro...

Microhard Bullet-LTE Improper Neutralization of Special Elements used in an OS Command (CVE-2020-17406)

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microhard Bullet-LTE prior to v1.2.0-r1112. Authentication is required to exploit this vulnerability. The specific flaw exists within the handling of the ping parameter provided to tools.sh. The issu...

CVE-2024-12870 Stored Cross-site Scripting (XSS) in infiniflow/ragflow

A stored cross-site scripting XSS vulnerability exists in infiniflow/ragflow, affecting the latest commit on the main branch cec2080. The vulnerability allows an attacker to upload HTML/XML files that can host arbitrary JavaScript payloads. These files are served with the 'application/xml' conten...

漏洞检测

It is an offensive tool for vulnerability detection. The repository contains a project with a name that translates to "漏洞检测" which means "vulnerability detection" in English. The project is likely used for identifying vulnerabilities in systems or applications. The code snippets provided are...

CVE-2024-13778

The Hero Mega Menu - Responsive WordPress Menu Plugin plugin for WordPress is vulnerable to SQL Injection via several functions in all versions up to, and including, 1.16.5 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. Th...

Linux Distros Unpatched Vulnerability : CVE-2021-4231

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was found in Angular up to 11.0.4/11.1.0-next.2. It has been classified as problematic. Affected is the handling of comments. The manipulation...

Linux Distros Unpatched Vulnerability : CVE-2018-2677

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE subcomponent: AWT. Supported versions that are affected are Java SE: 6u171, 7u161,...

CVE-2024-51944

There is a stored Cross-site Scripting vulnerability in ArcGIS Server for versions 11.3 and below that may allow a remote, authenticated attacker to create a stored crafted link which when clicked could potentially execute arbitrary JavaScript code in the victim’s browser. The privileges required...

CVE-2025-1730

The Simple Download Counter plugin for WordPress is vulnerable to Arbitrary File Read in all versions up to, and including, 2.0 via the 'simpledownloadcounterdownloadhandler'. This makes it possible for authenticated attackers, with Author-level access and above, to extract sensitive data includi...