4 matches found
PT-2025-24278 · Kunbus · Revolution Pi Webstatus +1
Name of the Vulnerable Software and Affected Versions: RevPi Webstatus versions prior to v2.4.6
Description: An unauthorized remote attacker can bypass the authentication of the affected software package by misusing an incorrect type conversion, leading to full compromise of the device. The root...
The vulnerability of the Apache OpenMeetings video conferencing software, related to insufficient comparison, allows an intruder to gain unauthorized access to protected information.
The vulnerability of Apache OpenMeetings video conferencing software is related to insufficient comparison. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain unauthorized access to protected information...
h1-ctf: [H1-2006 2020] In-depth resolution of the h1-2006 CTF
H1-2006 Write-up bountypay.h1ctf.com First of all, huge thanks to the creators for this CTF, it was really fun and got me to improve a lot! It was my first h1 ctf, and it for sure won't be my last! For this report, I'll try to define for each step: an abstract of what was the bug the real life...
CVE-2018-10362
An issue was discovered in phpLiteAdmin 1.9.5 through 1.9.7.1. Due to loose comparison with '==' instead of '===' in classes/Authorization.php for the user-provided login password, it is possible to log in with a simpler password if the password has the form of a power in scientific notation like...