| 49 |
Frappe LMS 2.40.0 – Public Access to Instructor Media in Course Details and Quizzes
|
Dec 14, 2025 |
Vulnerability R&D |
| 48 |
Frappe LMS 2.40.0 – Public Access to Student Community Question Media
|
Dec 14, 2025 |
Vulnerability R&D |
| 47 |
Frappe LMS 2.40.0 – Public Access to Instructor Comments and Feedback Media
|
Dec 14, 2025 |
Vulnerability R&D |
| 46 |
Frappe LMS 2.40.0 – Access to Unpublished Courses via Predictable Slugs
|
Dec 14, 2025 |
Vulnerability R&D |
| 45 |
Frappe LMS 2.40.0 – Public Access to Instructor Assignment Media
|
Dec 14, 2025 |
Vulnerability R&D |
| 3 |
[Part #1] Think like a hacker - Abusing yt-dlp for privilege escalation
|
Nov 23, 2025 |
Research |
| 2 |
Black Helicopter Vibes CTF track - HackFest & CyberChess 2025
|
Oct 31, 2025 |
CTF |
| 1 |
CVE Hunting Guide
|
Oct 24, 2025 |
Research |
| 28 |
Apache JSPWiki - v2.12.3-git-04 - Cross-Site Scripting
|
Oct 22, 2025 |
Vulnerability R&D |
| 27 |
Vvveb - v1.0.5 - Cross-Site Scripting via posts & pages
|
Oct 22, 2025 |
Vulnerability R&D |
| 26 |
Vvveb - v1.0.5 - Cross-Site Scripting via SVG
|
Oct 22, 2025 |
Vulnerability R&D |
| 25 |
Vvveb - v1.0.5 - Cross-Site Scripting via navbar
|
Oct 22, 2025 |
Vulnerability R&D |
| 24 |
EasyAppointments - v1.5.0 - Password Brute Force
|
Oct 22, 2025 |
Vulnerability R&D |
| 23 |
EasyAppointments - v1.5.0 - Cross-Site Scripting
|
Oct 22, 2025 |
Vulnerability R&D |
| 22 |
OnlyOffice Community Server - v12.7.0 - Cross-Site Scripting (cross-origin)
|
Oct 22, 2025 |
Vulnerability R&D |
| 21 |
OnlyOffice Community Server - v12.7.0 - Cross-Site Scripting
|
Oct 22, 2025 |
Vulnerability R&D |
| 20 |
Lemon OS - vnightly-2024-07-12 - Remote stack overflow
|
Oct 22, 2025 |
Vulnerability R&D |
| 19 |
Apache Answer - v1.4.1 - Externally referenced images can leak user privacy
|
Oct 22, 2025 |
Vulnerability R&D |
| 17 |
Frappe LMS - v2.35.0 - Improper Access Controls
|
Oct 14, 2025 |
Vulnerability R&D |
| 16 |
Frappe LMS - v2.35.0 - Improper Access Controls (unauthenticated)
|
Oct 14, 2025 |
Vulnerability R&D |
| 15 |
Frappe LMS - v2.35.0 - Cross-Site Scripting as student
|
Oct 14, 2025 |
Vulnerability R&D |
| 14 |
Frappe LMS - v2.35.0 - Cross-Site Scripting as instructor
|
Oct 14, 2025 |
Vulnerability R&D |
| 13 |
Typo3 CMS - v13.4.11 - Unrestricted File Upload
|
Sep 29, 2025 |
Vulnerability R&D |
| 12 |
NukeViet - v4.5.06 - Server Side Request Forgery
|
Sep 29, 2025 |
Vulnerability R&D |
| 11 |
Vvveb - v1.0.5 - Code Execution
|
Sep 29, 2025 |
Vulnerability R&D |
| 10 |
Vvveb - v1.0.5 - Server Side Request Forgery
|
Sep 29, 2025 |
Vulnerability R&D |
| 9 |
Vvveb - v1.0.5 - Internal File Read
|
Sep 29, 2025 |
Vulnerability R&D |
| 8 |
Fuel CMS - v1.5.2 - Cross-Site Scripting
|
Sep 29, 2025 |
Vulnerability R&D |
| 7 |
ezBookkeeping - v0.7.0 - Login Bruteforce
|
Sep 29, 2025 |
Vulnerability R&D |
| 6 |
ezBookkeeping - v0.7.0 - OTP Bruteforce
|
Sep 29, 2025 |
Vulnerability R&D |
