Vulnerabilities

Top Vulnerabilities Exploited in 2022 as revealed by FBI, CISA, and NSA

InfoSec News Steven Black (n0tst3) - 3 August 2023

The year 2022 witnessed a surge in cyberattacks by malicious actors targeting unpatched, internet-facing systems. In a joint Cybersecurity Advisory (CSA), top cybersecurity agencies...

A word from our sponsor

Vulnerabilities

WonderCMS 3.1.3 – ‘content’ Persistent Cross-Site Scripting

# Exploit Title: WonderCMS 3.1.3 - 'content' Persistent Cross-Site Scripting # Exploit...

Steven Black (n0tst3) - 21 November 2020

Vulnerabilities

Boxoft Convert Master 1.3.0 – ‘wav’ SEH Local Exploit

# Exploit Title: Boxoft Convert Master 1.3.0 - 'wav' SEH Local...

RiSec.Mitch - 1 January 2022

Vulnerabilities

Free MP3 CD Ripper 2.8 – Multiple File Buffer Overflow (Metasploit)

## # This module requires Metasploit: https://metasploit.com/download # Current source: https://github.com/rapid7/metasploit-framework ## class MetasploitModule <...

RiSec.Mitch - 21 November 2020

Vulnerabilities

Apache Struts 2.5.20 – Double OGNL evaluation POC

Exploit Title: Apache Struts 2.5.20 - Double OGNL evaluation # Exploit Author:...

Steven Black (n0tst3) - 18 November 2020

Vulnerabilities

Artworks Gallery Exploit 1.0 Shell Upload Vulnerability

Artworks Gallery Exploit - Arbitrary File Upload - RCE (Authenticated) CVE-2020-28688 ...

Steven Black (n0tst3) - 1 January 2022

Vulnerabilities

AIX 5.3L /usr/sbin/lquerypv local root privilege escalation

AIX 5.3L /usr/sbin/lquerypv Local Root Privilege Escalation Exploit AIX5.3L...

RiSec.Mitch - 17 November 2020

Vulnerabilities

ASUS TM-AC1900 Arbitrary Command Execution Exploit

This Metasploit module exploits an arbitrary file upload vulnerability in HorizontCMS...

Steven Black (n0tst3) - 15 November 2020

Vulnerabilities

October CMS Build 465 – Arbitrary File Read Exploit (Authenticated) 11-13

Date added: 2020-11-13 Just one of many vulns discovered on this cms. #...

RiSec.Mitch - 13 November 2020

Vulnerabilities

Microsoft Windows Local Spooler Bypass Vulnerability

One way of exploiting this on Windows 10 200x is to...

RiSec.Mitch - 13 November 2020

InfoSec News

SaltStack Salt REST API Arbitrary Command Execution Exploit

Date added 12-11-2020 This Metasploit module exploits an authentication bypass and command...

RiSec.Mitch - 1 January 2022

1...151617 Page 16 of 17

Vulnerabilities

Top Vulnerabilities Exploited in 2022 as revealed by FBI, CISA, and NSA

Editor Picks

Top Vulnerabilities Exploited in 2022 as revealed by FBI, CISA, and NSA

Bug Bounty -{ Oneliner Commands } – { V2 }

Web Application Security Mindmap

Privilege Escalation Techniques & Resources

Featured

WebBoss.io CMS Concerns: A Tale of Neglect and Unresponsiveness

Safely Integrating Large Language Models (LLMs) into Your Products: A White Hats Perspective

How Hackers are Utilizing ChatGPT & AI To Earn $Millions

Hacking Campaign Steals 10,000 Login Credentials From 130 Different Organizations

Cyber Academy

Bug Bounty -{ Oneliner Commands } – { V2 }

Web Application Security Mindmap

Privilege Escalation Techniques & Resources

Mastering Google Dorking: Expanding Scope, Reconnaissance and Resources

ABOUT US

Social

Subscribe for weekly updates

Add RiSec to your Homescreen?