PyLoad 0.5.0 Remote Code Execution

Exploit Title: PyLoad 0.5.0 - Pre-auth Remote Code Execution RCE Date: 06-10-2023 Credits: bAu @bauh0lz Exploit Author: Gabriel Lima 0xGabe Vendor Homepage: https://pyload.net/ Software Link: https://github.com/pyload/pyload Version: 0.5.0 Tested on: Ubuntu 20.04.6 CVE: CVE-2023-0297 import...

Community Server - Stored Cross-Site Scripting in User's Signature

Community Server - Stored Cross-site Scripting in user's signature. - Product description: Community Server is a communities and collaboration web application developed by Telligent. It uses ASP.NET platform C and Microsoft SQL Server database. From it's 5.0 version, the software was renamed to...

Telligent Community Server 5.x Cross Site Scripting

Editor's note: 4 Advisories are grouped together here. ======================================================================= Community Server - Stored Cross-site Scripting in user's signature. - Product description: Community Server is a communities and collaboration web application developed b...

Unfixed XSS vulnerability at migre.me

Security researcher Gabriel Lima, has submitted on 17/06/2009 a cross-site-scripting XSS vulnerability affecting migre.me, which at the time of submission ranked 14562 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 16/12/2011. It is currently...