Posts
- October 5, 2021 CVE-2021-43136 - FormaLMS - The evil default value that leads to Authentication Bypass
- July 9, 2021 SA-CONTRIB-2021-036 - Privilege escalation via XML Signature Wrapping on Miniorange Drupal plugin
- June 14, 2020 Matrix Synapse 1.12.3 - SSRF and Cache poisoning
- December 14, 2018 CVE-2018-20139 - Daikin Emura Series - Arbitrary Remote Control via DNS Rebinding
- January 3, 2018 Facebook chat / dashboard content injection