Vulnerabilities

Top Vulnerabilities Exploited in 2022 as revealed by FBI, CISA, and NSA

InfoSec News Steven Black (n0tst3) - 3 August 2023

The year 2022 witnessed a surge in cyberattacks by malicious actors targeting unpatched, internet-facing systems. In a joint Cybersecurity Advisory (CSA), top cybersecurity agencies...

A word from our sponsor

Vulnerabilities

Ruckus IoT Controller (Ruckus vRIoT) remote code execution

CVE: 2020-26878 Platform: Multiple Date: 2020-11-27 # Product: Ruckus IoT Controller (Ruckus vRIoT) # Version:...

RiSec.Mitch - 1 January 2022

Vulnerabilities

Razer Chroma SDK Server 3.16.02 – Race Condition Remote File Execution

CVE: 2020-16602 Platform: WIN Date: 2020-11-26 Exploit Title: Razer Chroma SDK Server 3.16.02 -...

Steven Black (n0tst3) - 1 January 2022

Vulnerabilities

Pure-FTPd 1.0.48 – Remote Denial of Service

CVE: N/A Platform: Multiple Date: 2020-11-26 tested # Exploit Title: Pure-FTPd 1.0.48 - Remote Denial...

RiSec.Mitch - 26 November 2020

InfoSec News

2-Factor Authentication Bypass Flaw Reported in cPanel and WHM Software

cPanel, a provider of popular administrative tools to manage web hosting,...

Steven Black (n0tst3) - 1 January 2022

Vulnerabilities

SyncBreeze 10.0.28 – (password) Remote Buffer Overflow Exploit

CVE: N/A Platform: Multiple / Win / WebAPPS Date: 25-11-2020 # Exploit Title: SyncBreeze...

RiSec.Mitch - 1 January 2022

Vulnerabilities

osCommerce 2.3.4.1 – ‘title’ Persistent Cross-Site Scripting

CVE: N/A Platform: PHP Date: 2020-11-25 # Exploit Title: osCommerce 2.3.4.1 - 'title' Persistent...

RiSec.Mitch - 25 November 2020

Vulnerabilities

nopCommerce Store 4.30 – ‘name’ Stored Cross-Site Scripting

CVE: N/A Platform: Multiple Date: 2020-11-24 # Exploit Title: nopCommerce Store 4.30 - 'name'...

Steven Black (n0tst3) - 25 November 2020

InfoSec News

Apache OpenMeetings 5.0.0 – ‘hostname’ Denial of Service

CVE: 2020-13951 Platform: Multiple Date: 2020-11-24 # Exploit Title: Apache OpenMeetings 5.0.0 - 'hostname'...

Steven Black (n0tst3) - 25 November 2020

InfoSec News

ZeroShell 3.9.0 – ‘cgi-bin/kerbynet’ Remote Root Command Injection

CVE: 2019-12725 Platform: LINUX Date: 2020-11-24 ## # This module requires Metasploit: https://metasploit.com/download # Current source:...

Steven Black (n0tst3) - 25 November 2020

Vulnerabilities

Netsuveillancewebcookie Web interface password change

# Exploit Title: NetSurveillance Web interface password change # Exploit Author: AsCiI #...

Steven Black (n0tst3) - 13 February 2022

1...141516 17 Page 15 of 17

About
Latest Posts

RiSec.Mitch

Just your average information security researcher from Delaware US.

Vulnerabilities

Top Vulnerabilities Exploited in 2022 as revealed by FBI, CISA, and NSA

Editor Picks

Top Vulnerabilities Exploited in 2022 as revealed by FBI, CISA, and NSA

Bug Bounty -{ Oneliner Commands } – { V2 }

Web Application Security Mindmap

Privilege Escalation Techniques & Resources

Featured

WebBoss.io CMS Concerns: A Tale of Neglect and Unresponsiveness

Safely Integrating Large Language Models (LLMs) into Your Products: A White Hats Perspective

How Hackers are Utilizing ChatGPT & AI To Earn $Millions

Hacking Campaign Steals 10,000 Login Credentials From 130 Different Organizations

Cyber Academy

Bug Bounty -{ Oneliner Commands } – { V2 }

Web Application Security Mindmap

Privilege Escalation Techniques & Resources

Mastering Google Dorking: Expanding Scope, Reconnaissance and Resources

ABOUT US

Social

Subscribe for weekly updates

Add RiSec to your Homescreen?