3 matches found
PT-2025-24278 · Kunbus · Revolution Pi Webstatus +1
Name of the Vulnerable Software and Affected Versions: RevPi Webstatus versions prior to v2.4.6
Description: An unauthorized remote attacker can bypass the authentication of the affected software package by misusing an incorrect type conversion, leading to full compromise of the device. The root...
h1-ctf: [H1-2006 2020] In-depth resolution of the h1-2006 CTF
H1-2006 Write-up bountypay.h1ctf.com First of all, huge thanks to the creators for this CTF, it was really fun and got me to improve a lot! It was my first h1 ctf, and it for sure won't be my last! For this report, I'll try to define for each step: an abstract of what was the bug the real life...
CVE-2018-10362
An issue was discovered in phpLiteAdmin 1.9.5 through 1.9.7.1. Due to loose comparison with '==' instead of '===' in classes/Authorization.php for the user-provided login password, it is possible to log in with a simpler password if the password has the form of a power in scientific notation like...