渗透字典

This repository is an offensive tool for Bug Bounty research and exploitation. The primary CVE ID is not explicitly mentioned, but it appears to be a collection of exploits and techniques for various vulnerabilities. The repository contains a wide range of exploits and techniques, including: 1...

Account Takeover and Persistence due to the Oauth Misconfiguration

Team, May you all be well on your side of the screen. : . While Doing some research on thehttps://cal.com/, I was able to find a Pre-Account Takeover vulnerability. Proof of concept: . I have created a video demonstration of the vulnerability and uploaded it to my Google Drive. . The link for the...

Microweber CMS 1.2.15 Account Takeover

Exploit Title: Microweber CMS 1.2.15 - Account Takeover Date: 2022-05-09 Exploit Author: Manojkumar J Vendor Homepage: https://github.com/microweber/microweber Software Link: https://github.com/microweber/microweber/releases/tag/v1.2.15 Version: =1.2.15 Tested on: Windows10 CVE : CVE-2022-1631...