<![CDATA[Team IT Security - ⚠️ PoC]]> 2026 <![CDATA[[webapps] OpenEMR 7.0.2 - Arbitrary File Read]]> https://tsecurity.de/de/3581651/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+OpenEMR+7.0.2+-+Arbitrary+File+Read/ https://tsecurity.de/de/3581651/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+OpenEMR+7.0.2+-+Arbitrary+File+Read/ Mon, 08 Jun 2026 02:00:00 +0200 <![CDATA[[webapps] WordPress Contest Gallery 28.1.4 - Unauthenticated Blind SQL Injection]]> https://tsecurity.de/de/3575179/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+WordPress+Contest+Gallery+28.1.4+-+Unauthenticated+Blind+SQL+Injection/ https://tsecurity.de/de/3575179/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+WordPress+Contest+Gallery+28.1.4+-+Unauthenticated+Blind+SQL+Injection/ Fri, 05 Jun 2026 02:00:00 +0200 <![CDATA[[webapps] WordPress OrderConvo 14 - Path Traversal]]> https://tsecurity.de/de/3563956/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+WordPress+OrderConvo+14+-+Path+Traversal/ https://tsecurity.de/de/3563956/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+WordPress+OrderConvo+14+-+Path+Traversal/ Mon, 01 Jun 2026 02:00:00 +0200 <![CDATA[[webapps] Drupal Core 10.5.5 - Error-Based SQL Injection]]> https://tsecurity.de/de/3563955/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+Drupal+Core+10.5.5+-+Error-Based+SQL+Injection/ https://tsecurity.de/de/3563955/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+Drupal+Core+10.5.5+-+Error-Based+SQL+Injection/ Mon, 01 Jun 2026 02:00:00 +0200 <![CDATA[[webapps] YAMCS yamcs-core 5.12.7 - No Rate Limiting]]> https://tsecurity.de/de/3559127/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+YAMCS+yamcs-core++5.12.7+-+No+Rate+Limiting/ https://tsecurity.de/de/3559127/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+YAMCS+yamcs-core++5.12.7+-+No+Rate+Limiting/ Sat, 30 May 2026 02:00:00 +0200 <![CDATA[[webapps] YAMCS yamcs-core 5.12.7 - User Enumeration]]> https://tsecurity.de/de/3559126/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+YAMCS+yamcs-core++5.12.7+-+User+Enumeration/ https://tsecurity.de/de/3559126/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+YAMCS+yamcs-core++5.12.7+-+User+Enumeration/ Sat, 30 May 2026 02:00:00 +0200 <![CDATA[[remote] Notepad++ 8.9.6 - Arbitrary Code Execution]]> https://tsecurity.de/de/3559125/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bremote%5D+Notepad%2B%2B+8.9.6+-+Arbitrary+Code+Execution/ https://tsecurity.de/de/3559125/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bremote%5D+Notepad%2B%2B+8.9.6+-+Arbitrary+Code+Execution/ Sat, 30 May 2026 02:00:00 +0200 <![CDATA[[webapps] YAMCS yamcs-core 5.12.7 - LDAP Injection]]> https://tsecurity.de/de/3559111/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+YAMCS+yamcs-core++5.12.7+-+LDAP+Injection/ https://tsecurity.de/de/3559111/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+YAMCS+yamcs-core++5.12.7+-+LDAP+Injection/ Sat, 30 May 2026 02:00:00 +0200 <![CDATA[[remote] Microsoft - NTLMv2 Hash Capture]]> https://tsecurity.de/de/3556532/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bremote%5D+Microsoft+-+NTLMv2+Hash+Capture/ https://tsecurity.de/de/3556532/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bremote%5D+Microsoft+-+NTLMv2+Hash+Capture/ Fri, 29 May 2026 02:00:00 +0200 <![CDATA[[webapps] MikroORM 7.0.13 - SQL Injection]]> https://tsecurity.de/de/3556531/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+MikroORM+++7.0.13+-+SQL+Injection/ https://tsecurity.de/de/3556531/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+MikroORM+++7.0.13+-+SQL+Injection/ Fri, 29 May 2026 02:00:00 +0200 <![CDATA[[local] ZTE H298A / H108N - Unauthenticated Credential Exposure]]> https://tsecurity.de/de/3556485/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Blocal%5D+ZTE+H298A+%2F+H108N+-+Unauthenticated+Credential+Exposure/ https://tsecurity.de/de/3556485/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Blocal%5D+ZTE+H298A+%2F+H108N+-+Unauthenticated+Credential+Exposure/ Fri, 29 May 2026 02:00:00 +0200 <![CDATA[[local] ZTE ZXHN H188A V6 - Authentication Bypass]]> https://tsecurity.de/de/3556484/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Blocal%5D+ZTE+ZXHN+H188A+V6+-+Authentication+Bypass/ https://tsecurity.de/de/3556484/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Blocal%5D+ZTE+ZXHN+H188A+V6+-+Authentication+Bypass/ Fri, 29 May 2026 02:00:00 +0200 <![CDATA[[local] ImageMagick - Infinite Loop in the MIFF decoder can lead to CPU exhaustion]]> https://tsecurity.de/de/3556483/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Blocal%5D+ImageMagick+-+Infinite+Loop+in+the+MIFF+decoder+can+lead+to+CPU+exhaustion/ https://tsecurity.de/de/3556483/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Blocal%5D+ImageMagick+-+Infinite+Loop+in+the+MIFF+decoder+can+lead+to+CPU+exhaustion/ Fri, 29 May 2026 02:00:00 +0200 <![CDATA[[local] ZTE Routers - Unauthenticated Denial of Service]]> https://tsecurity.de/de/3556482/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Blocal%5D+ZTE+Routers++-+Unauthenticated+Denial+of+Service/ https://tsecurity.de/de/3556482/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Blocal%5D+ZTE+Routers++-+Unauthenticated+Denial+of+Service/ Fri, 29 May 2026 02:00:00 +0200 <![CDATA[[webapps] Langflow 1.3.0 - Remote Code Execution]]> https://tsecurity.de/de/3556481/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+Langflow+1.3.0+-+Remote+Code+Execution/ https://tsecurity.de/de/3556481/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+Langflow+1.3.0+-+Remote+Code+Execution/ Fri, 29 May 2026 02:00:00 +0200 <![CDATA[[webapps] Quick Playground for WordPress 1.3.1 - Unauthenticated Remote Code Execution]]> https://tsecurity.de/de/3556480/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+Quick+Playground+for+WordPress+1.3.1+-+Unauthenticated+Remote+Code+Execution/ https://tsecurity.de/de/3556480/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+Quick+Playground+for+WordPress+1.3.1+-+Unauthenticated+Remote+Code+Execution/ Fri, 29 May 2026 02:00:00 +0200 <![CDATA[[webapps] Prodigy Commerce 3.3.0 - Local File Inclusion]]> https://tsecurity.de/de/3556479/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+Prodigy+Commerce+3.3.0+-+Local+File+Inclusion/ https://tsecurity.de/de/3556479/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+Prodigy+Commerce+3.3.0+-+Local+File+Inclusion/ Fri, 29 May 2026 02:00:00 +0200 <![CDATA[[webapps] MixPHP Framework 2.2.17 - Unsafe Deserialization Remote Code Execution]]> https://tsecurity.de/de/3556414/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+MixPHP+Framework+2.2.17+-+Unsafe+Deserialization+Remote+Code+Execution/ https://tsecurity.de/de/3556414/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+MixPHP+Framework+2.2.17+-+Unsafe+Deserialization+Remote+Code+Execution/ Fri, 29 May 2026 02:00:00 +0200 <![CDATA[[local] Linux Kernel - Local Privilege Escalation]]> https://tsecurity.de/de/3556413/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Blocal%5D+Linux+Kernel+-++Local+Privilege+Escalation/ https://tsecurity.de/de/3556413/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Blocal%5D+Linux+Kernel+-++Local+Privilege+Escalation/ Fri, 29 May 2026 02:00:00 +0200 <![CDATA[[webapps] CubeCart < 6.7.0 - Reflected Cross-Site Scripting (XSS) (Unauthenticated)]]> https://tsecurity.de/de/3556273/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+CubeCart+%26lt%3B+6.7.0+-+Reflected+Cross-Site+Scripting+%28XSS%29+%28Unauthenticated%29/ https://tsecurity.de/de/3556273/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+CubeCart+%26lt%3B+6.7.0+-+Reflected+Cross-Site+Scripting+%28XSS%29+%28Unauthenticated%29/ Fri, 29 May 2026 02:00:00 +0200 <![CDATA[[remote] Wing FTP Server 8.1.3 - Authenticated Remote Code Execution]]> https://tsecurity.de/de/3556272/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bremote%5D+Wing+FTP+Server+8.1.3+-+Authenticated+Remote+Code+Execution/ https://tsecurity.de/de/3556272/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bremote%5D+Wing+FTP+Server+8.1.3+-+Authenticated+Remote+Code+Execution/ Fri, 29 May 2026 02:00:00 +0200 <![CDATA[[dos] strongSwan 5.9.13 - DoS]]> https://tsecurity.de/de/3556255/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bdos%5D+strongSwan+5.9.13+-+DoS/ https://tsecurity.de/de/3556255/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bdos%5D+strongSwan+5.9.13+-+DoS/ Fri, 29 May 2026 02:00:00 +0200 <![CDATA[[remote] strongSwan 5.9.13 - libsimaka EAP-SIM/AKA heap buffer overflow]]> https://tsecurity.de/de/3556254/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bremote%5D+strongSwan+5.9.13+-+libsimaka+EAP-SIM%2FAKA+heap+buffer+overflow/ https://tsecurity.de/de/3556254/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bremote%5D+strongSwan+5.9.13+-+libsimaka+EAP-SIM%2FAKA+heap+buffer+overflow/ Fri, 29 May 2026 02:00:00 +0200 <![CDATA[[local] Linux Kernel - Local Privilege Escalation]]> https://tsecurity.de/de/3551243/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Blocal%5D+Linux+Kernel+-+Local+Privilege+Escalation/ https://tsecurity.de/de/3551243/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Blocal%5D+Linux+Kernel+-+Local+Privilege+Escalation/ Wed, 27 May 2026 02:00:00 +0200 <![CDATA[[webapps] EspoCRM 9.3.3 - SSRF]]> https://tsecurity.de/de/3551242/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+EspoCRM+9.3.3+-++SSRF/ https://tsecurity.de/de/3551242/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+EspoCRM+9.3.3+-++SSRF/ Wed, 27 May 2026 02:00:00 +0200 <![CDATA[[webapps] Casdoor 3.54.1 - Arbitrary File Write via Path Traversal]]> https://tsecurity.de/de/3551241/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+Casdoor+3.54.1+-+Arbitrary+File+Write+via+Path+Traversal/ https://tsecurity.de/de/3551241/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+Casdoor+3.54.1+-+Arbitrary+File+Write+via+Path+Traversal/ Wed, 27 May 2026 02:00:00 +0200 <![CDATA[[webapps] scramble - Remote Code Execution]]> https://tsecurity.de/de/3551185/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+scramble+-+Remote+Code+Execution/ https://tsecurity.de/de/3551185/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+scramble+-+Remote+Code+Execution/ Wed, 27 May 2026 02:00:00 +0200 <![CDATA[[local] Realtek rtl819x - Local Privilege]]> https://tsecurity.de/de/3551119/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Blocal%5D+Realtek+rtl819x++-+Local+Privilege/ https://tsecurity.de/de/3551119/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Blocal%5D+Realtek+rtl819x++-+Local+Privilege/ Wed, 27 May 2026 02:00:00 +0200 <![CDATA[[webapps] OpenCATS 0.9.7.4 - SQL Injection]]> https://tsecurity.de/de/3551118/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+OpenCATS+0.9.7.4+-+SQL+Injection/ https://tsecurity.de/de/3551118/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+OpenCATS+0.9.7.4+-+SQL+Injection/ Wed, 27 May 2026 02:00:00 +0200 <![CDATA[[hardware] MeiG Smart FORGE_SLT711 - OS Command Injection]]> https://tsecurity.de/de/3551117/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bhardware%5D+MeiG+Smart+FORGE_SLT711+-+OS+Command+Injection/ https://tsecurity.de/de/3551117/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bhardware%5D+MeiG+Smart+FORGE_SLT711+-+OS+Command+Injection/ Wed, 27 May 2026 02:00:00 +0200 <![CDATA[[webapps] Grav CMS 2.0.0-beta.2 - Remote Code Execution]]> https://tsecurity.de/de/3548506/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+Grav+CMS+2.0.0-beta.2+-++Remote+Code+Execution/ https://tsecurity.de/de/3548506/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+Grav+CMS+2.0.0-beta.2+-++Remote+Code+Execution/ Tue, 26 May 2026 02:00:00 +0200 <![CDATA[[webapps] cPanel - CRLF Injection]]> https://tsecurity.de/de/3548445/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+cPanel+-+CRLF+Injection/ https://tsecurity.de/de/3548445/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+cPanel+-+CRLF+Injection/ Tue, 26 May 2026 02:00:00 +0200 <![CDATA[[webapps] Wordpress Temporary Login Plugin 1.0.0 - 'temp-login-token' Authentication Bypass to Account Takeover]]> https://tsecurity.de/de/3548444/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+Wordpress+Temporary+Login+Plugin++1.0.0+-+%27temp-login-token%27+Authentication+Bypass+to+Account+Takeover/ https://tsecurity.de/de/3548444/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+Wordpress+Temporary+Login+Plugin++1.0.0+-+%27temp-login-token%27+Authentication+Bypass+to+Account+Takeover/ Tue, 26 May 2026 02:00:00 +0200 <![CDATA[[hardware] D-Link DSL2600U - 'rom-0' Admin Password Disclosure]]> https://tsecurity.de/de/3548443/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bhardware%5D+D-Link+DSL2600U+-+%27rom-0%27+Admin+Password+Disclosure/ https://tsecurity.de/de/3548443/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bhardware%5D+D-Link+DSL2600U+-+%27rom-0%27+Admin+Password+Disclosure/ Tue, 26 May 2026 02:00:00 +0200 <![CDATA[[webapps] Apache HTTP Server 2.4.66 - 'mod_http2' Double-Free Denial of Service]]> https://tsecurity.de/de/3548442/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+Apache+HTTP+Server+2.4.66+-+%27mod_http2%27+Double-Free+Denial+of+Service/ https://tsecurity.de/de/3548442/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+Apache+HTTP+Server+2.4.66+-+%27mod_http2%27+Double-Free+Denial+of+Service/ Tue, 26 May 2026 02:00:00 +0200 <![CDATA[[local] Linux Kernel 6.8 - Local Privilege Escalation]]> https://tsecurity.de/de/3548368/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Blocal%5D+Linux+Kernel+6.8+-+Local+Privilege+Escalation/ https://tsecurity.de/de/3548368/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Blocal%5D+Linux+Kernel+6.8+-+Local+Privilege+Escalation/ Tue, 26 May 2026 02:00:00 +0200 <![CDATA[[webapps] BookStack 25.12.1 - Denial of Service]]> https://tsecurity.de/de/3536562/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+BookStack+25.12.1+-+Denial+of+Service/ https://tsecurity.de/de/3536562/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+BookStack+25.12.1+-+Denial+of+Service/ Thu, 21 May 2026 02:00:00 +0200 <![CDATA[[webapps] FUXA 1.2.9 - RCE]]> https://tsecurity.de/de/3536561/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+FUXA++1.2.9+-++RCE/ https://tsecurity.de/de/3536561/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+FUXA++1.2.9+-++RCE/ Thu, 21 May 2026 02:00:00 +0200 <![CDATA[[webapps] solaredge - (CSRF-OOB-Injection)]]> https://tsecurity.de/de/3536560/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+solaredge+-+%28CSRF-OOB-Injection%29/ https://tsecurity.de/de/3536560/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+solaredge+-+%28CSRF-OOB-Injection%29/ Thu, 21 May 2026 02:00:00 +0200 <![CDATA[[webapps] Cockpit 359 - RCE]]> https://tsecurity.de/de/3536559/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+Cockpit+359+-+RCE/ https://tsecurity.de/de/3536559/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+Cockpit+359+-+RCE/ Thu, 21 May 2026 02:00:00 +0200 <![CDATA[[local] Lenovo LegionSpace 1.7.11.2 - 'DAService' Unquoted Service Path]]> https://tsecurity.de/de/3536558/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Blocal%5D+Lenovo+LegionSpace+1.7.11.2+-+%27DAService%27+Unquoted+Service+Path/ https://tsecurity.de/de/3536558/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Blocal%5D+Lenovo+LegionSpace+1.7.11.2+-+%27DAService%27+Unquoted+Service+Path/ Thu, 21 May 2026 02:00:00 +0200 <![CDATA[[local] Windows Snipping Tool - NTLMv2 Hash Hijack]]> https://tsecurity.de/de/3520103/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Blocal%5D+Windows+Snipping+Tool+-+NTLMv2+Hash+Hijack/ https://tsecurity.de/de/3520103/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Blocal%5D+Windows+Snipping+Tool+-+NTLMv2+Hash+Hijack/ Fri, 15 May 2026 02:00:00 +0200 <![CDATA[[local] Remote Sunrise Helper for Windows 2026.14 - Unauthenticated File/Directory Listing]]> https://tsecurity.de/de/3519738/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Blocal%5D+Remote+Sunrise+Helper+for+Windows+2026.14+-+Unauthenticated+File%2FDirectory+Listing/ https://tsecurity.de/de/3519738/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Blocal%5D+Remote+Sunrise+Helper+for+Windows+2026.14+-+Unauthenticated+File%2FDirectory+Listing/ Fri, 15 May 2026 02:00:00 +0200 <![CDATA[[local] Remote Sunrise Helper for Windows 2026.14 - Remote Code Execution]]> https://tsecurity.de/de/3519737/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Blocal%5D+Remote+Sunrise+Helper+for+Windows+2026.14+-+Remote+Code+Execution/ https://tsecurity.de/de/3519737/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Blocal%5D+Remote+Sunrise+Helper+for+Windows+2026.14+-+Remote+Code+Execution/ Fri, 15 May 2026 02:00:00 +0200 <![CDATA[[webapps] WordPress Plugin Supsystic Contact Form 1.7.36 - SSTI]]> https://tsecurity.de/de/3517059/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+WordPress+Plugin+Supsystic+Contact+Form+1.7.36+-+SSTI/ https://tsecurity.de/de/3517059/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+WordPress+Plugin+Supsystic+Contact+Form+1.7.36+-+SSTI/ Thu, 14 May 2026 02:00:00 +0200 <![CDATA[[webapps] ePati Antikor NGFW 2.0.1301 - Authentication Bypass]]> https://tsecurity.de/de/3516826/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+ePati+Antikor+NGFW+2.0.1301+-++Authentication+Bypass/ https://tsecurity.de/de/3516826/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+ePati+Antikor+NGFW+2.0.1301+-++Authentication+Bypass/ Thu, 14 May 2026 02:00:00 +0200 <![CDATA[[webapps] PJPROJECT 2.16 - Heap Bufferoverflow]]> https://tsecurity.de/de/3516825/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+PJPROJECT+2.16+-+Heap+Bufferoverflow/ https://tsecurity.de/de/3516825/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+PJPROJECT+2.16+-+Heap+Bufferoverflow/ Thu, 14 May 2026 02:00:00 +0200 <![CDATA[[webapps] Apache HertzBeat 1.8.0 - Remote Code Execution]]> https://tsecurity.de/de/3516824/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+Apache+HertzBeat+1.8.0+-+Remote+Code+Execution/ https://tsecurity.de/de/3516824/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+Apache+HertzBeat+1.8.0+-+Remote+Code+Execution/ Thu, 14 May 2026 02:00:00 +0200 <![CDATA[[webapps] glances 4.5.2 - command injection]]> https://tsecurity.de/de/3513847/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+glances+4.5.2+-+command+injection/ https://tsecurity.de/de/3513847/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+glances+4.5.2+-+command+injection/ Wed, 13 May 2026 02:00:00 +0200 <![CDATA[[webapps] Ninja Forms Uploads - Unauthenticated PHP File Upload]]> https://tsecurity.de/de/3513846/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+Ninja+Forms+Uploads+-+Unauthenticated+PHP+File+Upload/ https://tsecurity.de/de/3513846/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+Ninja+Forms+Uploads+-+Unauthenticated+PHP+File+Upload/ Wed, 13 May 2026 02:00:00 +0200 <![CDATA[[webapps] Flowise < 3.0.5 - Missing Authentication for Critical Function]]> https://tsecurity.de/de/3513772/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+Flowise+%26lt%3B+3.0.5+-+Missing+Authentication+for+Critical+Function/ https://tsecurity.de/de/3513772/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+Flowise+%26lt%3B+3.0.5+-+Missing+Authentication+for+Critical+Function/ Wed, 13 May 2026 02:00:00 +0200 <![CDATA[[webapps] coreruleset 4.21.0 - Firewall Bypass]]> https://tsecurity.de/de/3513771/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+coreruleset+4.21.0+-+Firewall+Bypass/ https://tsecurity.de/de/3513771/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+coreruleset+4.21.0+-+Firewall+Bypass/ Wed, 13 May 2026 02:00:00 +0200 <![CDATA[[remote] telnetd 2.7 - Buffer Overflow]]> https://tsecurity.de/de/3496405/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bremote%5D+telnetd+2.7+-+Buffer+Overflow/ https://tsecurity.de/de/3496405/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bremote%5D+telnetd+2.7+-+Buffer+Overflow/ Thu, 07 May 2026 02:00:00 +0200 <![CDATA[[webapps] Bludit CMS 3.18.4 - RCE]]> https://tsecurity.de/de/3496349/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+Bludit+CMS+3.18.4+-++RCE/ https://tsecurity.de/de/3496349/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+Bludit+CMS+3.18.4+-++RCE/ Thu, 07 May 2026 02:00:00 +0200 <![CDATA[[webapps] LuaJIT 2.1.1774638290 - Arbitrary Code Execution]]> https://tsecurity.de/de/3496348/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+LuaJIT+2.1.1774638290+-+Arbitrary+Code+Execution/ https://tsecurity.de/de/3496348/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+LuaJIT+2.1.1774638290+-+Arbitrary+Code+Execution/ Thu, 07 May 2026 02:00:00 +0200 <![CDATA[[webapps] Ghost CMS 6.19.0 - SQLi]]> https://tsecurity.de/de/3496347/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+Ghost+CMS+6.19.0+-+SQLi/ https://tsecurity.de/de/3496347/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+Ghost+CMS+6.19.0+-+SQLi/ Thu, 07 May 2026 02:00:00 +0200 <![CDATA[[local] NocoBase 2.0.27 - VM Sandbox Escape]]> https://tsecurity.de/de/3496276/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Blocal%5D+NocoBase++2.0.27+-+VM+Sandbox+Escape/ https://tsecurity.de/de/3496276/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Blocal%5D+NocoBase++2.0.27+-+VM+Sandbox+Escape/ Thu, 07 May 2026 02:00:00 +0200 <![CDATA[[webapps] ThingsBoard IoT Platform 4.2.0 - Server-Side Request Forgery (SSRF)]]> https://tsecurity.de/de/3496275/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+ThingsBoard+IoT+Platform+4.2.0+-+Server-Side+Request+Forgery+%28SSRF%29/ https://tsecurity.de/de/3496275/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+ThingsBoard+IoT+Platform+4.2.0+-+Server-Side+Request+Forgery+%28SSRF%29/ Thu, 07 May 2026 02:00:00 +0200 <![CDATA[[local] Linux nf_tables 6.19.3 - Local Privilege Escalation]]> https://tsecurity.de/de/3486371/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Blocal%5D+Linux+nf_tables+6.19.3+-+Local+Privilege+Escalation/ https://tsecurity.de/de/3486371/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Blocal%5D+Linux+nf_tables+6.19.3+-+Local+Privilege+Escalation/ Mon, 04 May 2026 02:00:00 +0200 <![CDATA[[local] Linux Kernel proc_readdir_de() 6.18-rc5 - Local Privilege Escalation]]> https://tsecurity.de/de/3486370/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Blocal%5D+Linux+Kernel+proc_readdir_de%28%29+6.18-rc5+-+Local+Privilege+Escalation/ https://tsecurity.de/de/3486370/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Blocal%5D+Linux+Kernel+proc_readdir_de%28%29+6.18-rc5+-+Local+Privilege+Escalation/ Mon, 04 May 2026 02:00:00 +0200 <![CDATA[[hardware] Linksys E1200 2.0.04 - Authenticated Stack Buffer Overflow (RCE)]]> https://tsecurity.de/de/3486328/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bhardware%5D+Linksys+E1200+2.0.04+-+Authenticated+Stack+Buffer+Overflow+%28RCE%29/ https://tsecurity.de/de/3486328/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bhardware%5D+Linksys+E1200+2.0.04+-+Authenticated+Stack+Buffer+Overflow+%28RCE%29/ Mon, 04 May 2026 02:00:00 +0200 <![CDATA[[webapps] Traccar GPS Tracking System 6.11.1 - Cross-Site WebSocket Hijacking (CSWSH)]]> https://tsecurity.de/de/3486282/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+Traccar+GPS+Tracking+System+6.11.1+-+Cross-Site+WebSocket+Hijacking+%28CSWSH%29/ https://tsecurity.de/de/3486282/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+Traccar+GPS+Tracking+System+6.11.1+-+Cross-Site+WebSocket+Hijacking+%28CSWSH%29/ Mon, 04 May 2026 02:00:00 +0200 <![CDATA[[local] Windows 11 24H2 - Local Privilege Escalation]]> https://tsecurity.de/de/3486281/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Blocal%5D+Windows+11+24H2+-+Local+Privilege+Escalation/ https://tsecurity.de/de/3486281/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Blocal%5D+Windows+11+24H2+-+Local+Privilege+Escalation/ Mon, 04 May 2026 02:00:00 +0200 <![CDATA[[webapps] MindsDB 25.9.1.1 - Path Traversal]]> https://tsecurity.de/de/3486280/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+MindsDB++25.9.1.1+-+Path+Traversal/ https://tsecurity.de/de/3486280/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+MindsDB++25.9.1.1+-+Path+Traversal/ Mon, 04 May 2026 02:00:00 +0200 <![CDATA[[webapps] FUXA 1.2.8 - Authentication Bypass + RCE Exploit]]> https://tsecurity.de/de/3477228/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+FUXA+1.2.8+-+Authentication+Bypass+%2B+RCE+Exploit/ https://tsecurity.de/de/3477228/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+FUXA+1.2.8+-+Authentication+Bypass+%2B+RCE+Exploit/ Thu, 30 Apr 2026 02:00:00 +0200 <![CDATA[[webapps] Python-Multipart 0.0.22 - Path Traversal]]> https://tsecurity.de/de/3477117/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+Python-Multipart+0.0.22+-+Path+Traversal/ https://tsecurity.de/de/3477117/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+Python-Multipart+0.0.22+-+Path+Traversal/ Thu, 30 Apr 2026 02:00:00 +0200 <![CDATA[[local] Windows 11 23H2 - Denial of Service (DoS)]]> https://tsecurity.de/de/3477072/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Blocal%5D+Windows+11+23H2+-+Denial+of+Service+%28DoS%29/ https://tsecurity.de/de/3477072/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Blocal%5D+Windows+11+23H2+-+Denial+of+Service+%28DoS%29/ Thu, 30 Apr 2026 02:00:00 +0200 <![CDATA[[local] Google Chrome 145.0.7632.75 - CSSFontFeatureValuesMap]]> https://tsecurity.de/de/3477071/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Blocal%5D+Google+Chrome++145.0.7632.75+-+CSSFontFeatureValuesMap/ https://tsecurity.de/de/3477071/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Blocal%5D+Google+Chrome++145.0.7632.75+-+CSSFontFeatureValuesMap/ Thu, 30 Apr 2026 02:00:00 +0200 <![CDATA[[webapps] Repetier-Server 1.4.10 - Path Traversal]]> https://tsecurity.de/de/3477070/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+Repetier-Server+1.4.10+-+Path+Traversal/ https://tsecurity.de/de/3477070/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+Repetier-Server+1.4.10+-+Path+Traversal/ Thu, 30 Apr 2026 02:00:00 +0200 <![CDATA[[webapps] HUSTOJ Zip-Slip v26.01.24 - RCE]]> https://tsecurity.de/de/3477069/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+HUSTOJ+Zip-Slip+v26.01.24+-++RCE/ https://tsecurity.de/de/3477069/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+HUSTOJ+Zip-Slip+v26.01.24+-++RCE/ Thu, 30 Apr 2026 02:00:00 +0200 <![CDATA[[local] Windows 11 25H2 - Heap Overflow]]> https://tsecurity.de/de/3476886/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Blocal%5D+Windows+11+25H2++-+Heap+Overflow/ https://tsecurity.de/de/3476886/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Blocal%5D+Windows+11+25H2++-+Heap+Overflow/ Thu, 30 Apr 2026 02:00:00 +0200 <![CDATA[[webapps] BusyBox 1.37.0 - Path Traversal]]> https://tsecurity.de/de/3476885/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+BusyBox+1.37.0+-+Path+Traversal/ https://tsecurity.de/de/3476885/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+BusyBox+1.37.0+-+Path+Traversal/ Thu, 30 Apr 2026 02:00:00 +0200 <![CDATA[[webapps] JUNG Smart Visu Server 1.1.1050 - Dos]]> https://tsecurity.de/de/3476884/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+JUNG+Smart+Visu+Server+1.1.1050+-+Dos/ https://tsecurity.de/de/3476884/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+JUNG+Smart+Visu+Server+1.1.1050+-+Dos/ Thu, 30 Apr 2026 02:00:00 +0200 <![CDATA[[webapps] SumatraPDF 3.5.2 - Remote Code Execution]]> https://tsecurity.de/de/3476828/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+SumatraPDF+3.5.2+-+Remote+Code+Execution/ https://tsecurity.de/de/3476828/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+SumatraPDF+3.5.2+-+Remote+Code+Execution/ Thu, 30 Apr 2026 02:00:00 +0200 <![CDATA[[webapps] Frigate NVR 0.16.3 - Remote Code Execution]]> https://tsecurity.de/de/3476827/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+Frigate+NVR+0.16.3+-+Remote+Code+Execution/ https://tsecurity.de/de/3476827/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+Frigate+NVR+0.16.3+-+Remote+Code+Execution/ Thu, 30 Apr 2026 02:00:00 +0200 <![CDATA[[webapps] NiceGUI 3.6.1 - Path Traversal]]> https://tsecurity.de/de/3476826/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+NiceGUI+3.6.1+-+Path+Traversal/ https://tsecurity.de/de/3476826/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+NiceGUI+3.6.1+-+Path+Traversal/ Thu, 30 Apr 2026 02:00:00 +0200 <![CDATA[[webapps] Js2Py 0.74 - RCE]]> https://tsecurity.de/de/3476785/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+Js2Py+0.74+-++RCE/ https://tsecurity.de/de/3476785/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+Js2Py+0.74+-++RCE/ Thu, 30 Apr 2026 02:00:00 +0200 <![CDATA[[webapps] Cybersecurity AI (CAI) Framework 0.5.10 - Command Injection]]> https://tsecurity.de/de/3476695/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+Cybersecurity+AI+%28CAI%29+Framework+0.5.10+-+Command+Injection/ https://tsecurity.de/de/3476695/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+Cybersecurity+AI+%28CAI%29+Framework+0.5.10+-+Command+Injection/ Thu, 30 Apr 2026 02:00:00 +0200 <![CDATA[[webapps] Camaleon CMS v2.9.0 - Path Traversal]]> https://tsecurity.de/de/3476694/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+Camaleon+CMS++v2.9.0+-+Path+Traversal/ https://tsecurity.de/de/3476694/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+Camaleon+CMS++v2.9.0+-+Path+Traversal/ Thu, 30 Apr 2026 02:00:00 +0200 <![CDATA[[webapps] SUSE Manager 4.3.15 - Code Execution]]> https://tsecurity.de/de/3476662/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+SUSE+Manager+4.3.15+-+Code+Execution/ https://tsecurity.de/de/3476662/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+SUSE+Manager+4.3.15+-+Code+Execution/ Thu, 30 Apr 2026 02:00:00 +0200 <![CDATA[[webapps] Erugo 0.2.14 - Remote Code Execution (RCE)]]> https://tsecurity.de/de/3476661/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+Erugo++0.2.14+-+Remote+Code+Execution+%28RCE%29/ https://tsecurity.de/de/3476661/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+Erugo++0.2.14+-+Remote+Code+Execution+%28RCE%29/ Thu, 30 Apr 2026 02:00:00 +0200 <![CDATA[[webapps] deephas 1.0.7 - Prototype Pollution]]> https://tsecurity.de/de/3476660/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+deephas+1.0.7+-+Prototype+Pollution/ https://tsecurity.de/de/3476660/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+deephas+1.0.7+-+Prototype+Pollution/ Thu, 30 Apr 2026 02:00:00 +0200 <![CDATA[[webapps] Craft CMS 5.6.16 - RCE]]> https://tsecurity.de/de/3474252/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+Craft+CMS+5.6.16+-+RCE/ https://tsecurity.de/de/3474252/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+Craft+CMS+5.6.16+-+RCE/ Wed, 29 Apr 2026 02:00:00 +0200 <![CDATA[[local] GNU InetUtils 2.6 - Telnetd Remote Privilege Escalation]]> https://tsecurity.de/de/3474251/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Blocal%5D+GNU+InetUtils+2.6+-+Telnetd+Remote+Privilege+Escalation/ https://tsecurity.de/de/3474251/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Blocal%5D+GNU+InetUtils+2.6+-+Telnetd+Remote+Privilege+Escalation/ Wed, 29 Apr 2026 02:00:00 +0200 <![CDATA[[webapps] HAX CMS 24.x - Stored Cross-Site Scripting (XSS)]]> https://tsecurity.de/de/3474250/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+HAX+CMS+24.x+-+Stored+Cross-Site+Scripting+%28XSS%29/ https://tsecurity.de/de/3474250/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+HAX+CMS+24.x+-+Stored+Cross-Site+Scripting+%28XSS%29/ Wed, 29 Apr 2026 02:00:00 +0200 <![CDATA[[webapps] GeographicLib v2.5.1 - stack buffer overflow]]> https://tsecurity.de/de/3474107/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+GeographicLib+v2.5.1+-+stack+buffer+overflow/ https://tsecurity.de/de/3474107/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+GeographicLib+v2.5.1+-+stack+buffer+overflow/ Wed, 29 Apr 2026 02:00:00 +0200 <![CDATA[[webapps] phpMyFAQ 4.0.16 - Improper Authorization]]> https://tsecurity.de/de/3474106/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+phpMyFAQ++4.0.16+-+Improper+Authorization/ https://tsecurity.de/de/3474106/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+phpMyFAQ++4.0.16+-+Improper+Authorization/ Wed, 29 Apr 2026 02:00:00 +0200 <![CDATA[[local] OpenWrt 23.05 - Authenticated Remote Code Execution (RCE)]]> https://tsecurity.de/de/3473582/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Blocal%5D+OpenWrt+23.05+-+Authenticated+Remote+Code+Execution+%28RCE%29/ https://tsecurity.de/de/3473582/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Blocal%5D+OpenWrt+23.05+-+Authenticated+Remote+Code+Execution+%28RCE%29/ Wed, 29 Apr 2026 02:00:00 +0200 <![CDATA[[webapps] OpenKM 6.3.12 - Multiple]]> https://tsecurity.de/de/3473581/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+OpenKM+6.3.12+-+Multiple/ https://tsecurity.de/de/3473581/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+OpenKM+6.3.12+-+Multiple/ Wed, 29 Apr 2026 02:00:00 +0200 <![CDATA[[webapps] FacturaScripts 2025.43 - XSS]]> https://tsecurity.de/de/3473554/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+FacturaScripts+2025.43+-+XSS/ https://tsecurity.de/de/3473554/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+FacturaScripts+2025.43+-+XSS/ Wed, 29 Apr 2026 02:00:00 +0200 <![CDATA[[webapps] GUnet OpenEclass E-learning platform < 4.2 - Remote Code Execution (RCE)]]> https://tsecurity.de/de/3473553/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+GUnet+OpenEclass+E-learning+platform+%26lt%3B+4.2+-+Remote+Code+Execution+%28RCE%29/ https://tsecurity.de/de/3473553/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+GUnet+OpenEclass+E-learning+platform+%26lt%3B+4.2+-+Remote+Code+Execution+%28RCE%29/ Wed, 29 Apr 2026 02:00:00 +0200 <![CDATA[[webapps] JuzaWeb CMS 3.4.2 - Authenticated Remote Code Execution]]> https://tsecurity.de/de/3473552/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+JuzaWeb+CMS+3.4.2+-+Authenticated+Remote+Code+Execution/ https://tsecurity.de/de/3473552/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+JuzaWeb+CMS+3.4.2+-+Authenticated+Remote+Code+Execution/ Wed, 29 Apr 2026 02:00:00 +0200 <![CDATA[[webapps] Xibo CMS 4.3.0 - RCE via SSTI]]> https://tsecurity.de/de/3473340/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+Xibo+CMS++4.3.0+-+RCE+via+SSTI/ https://tsecurity.de/de/3473340/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+Xibo+CMS++4.3.0+-+RCE+via+SSTI/ Wed, 29 Apr 2026 02:00:00 +0200 <![CDATA[[local] Atlona ATOMERX21 - Authenticated Command Injection]]> https://tsecurity.de/de/3473319/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Blocal%5D+Atlona+ATOMERX21+-+Authenticated+Command+Injection/ https://tsecurity.de/de/3473319/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Blocal%5D+Atlona+ATOMERX21+-+Authenticated+Command+Injection/ Wed, 29 Apr 2026 02:00:00 +0200 <![CDATA[[webapps] LangChain Core 1.2.4 - SSTI/RCE]]> https://tsecurity.de/de/3473318/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+LangChain+Core+1.2.4+-+SSTI%2FRCE/ https://tsecurity.de/de/3473318/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+LangChain+Core+1.2.4+-+SSTI%2FRCE/ Wed, 29 Apr 2026 02:00:00 +0200 <![CDATA[[local] Fedora - Local Privilege Escalation]]> https://tsecurity.de/de/3473317/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Blocal%5D+Fedora+-+Local+Privilege+Escalation/ https://tsecurity.de/de/3473317/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Blocal%5D+Fedora+-+Local+Privilege+Escalation/ Wed, 29 Apr 2026 02:00:00 +0200 <![CDATA[[local] AVAST Antivirus 25.11 - Unquoted Service Path]]> https://tsecurity.de/de/3454926/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Blocal%5D+AVAST+Antivirus+25.11+-+Unquoted+Service+Path/ https://tsecurity.de/de/3454926/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Blocal%5D+AVAST+Antivirus+25.11+-+Unquoted+Service+Path/ Wed, 22 Apr 2026 02:00:00 +0200 <![CDATA[[webapps] WordPress Plugin 5.2.0 - Broken Access Control]]> https://tsecurity.de/de/3454925/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+WordPress+Plugin++5.2.0+-+Broken+Access+Control/ https://tsecurity.de/de/3454925/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+WordPress+Plugin++5.2.0+-+Broken+Access+Control/ Wed, 22 Apr 2026 02:00:00 +0200 <![CDATA[[local] Throttlestop Kernel Driver - Kernel Out-of-Bounds Write Privilege Escalation]]> https://tsecurity.de/de/3454924/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Blocal%5D+Throttlestop+Kernel+Driver+-+Kernel+Out-of-Bounds+Write+Privilege+Escalation/ https://tsecurity.de/de/3454924/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Blocal%5D+Throttlestop+Kernel+Driver+-+Kernel+Out-of-Bounds+Write+Privilege+Escalation/ Wed, 22 Apr 2026 02:00:00 +0200 <![CDATA[[local] NetBT e-Fatura - Privilege Escalation]]> https://tsecurity.de/de/3423893/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Blocal%5D+NetBT+e-Fatura+-+Privilege+Escalation/ https://tsecurity.de/de/3423893/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Blocal%5D+NetBT+e-Fatura+-+Privilege+Escalation/ Fri, 10 Apr 2026 02:00:00 +0200 <![CDATA[[webapps] D-Link DIR-650IN - Authenticated Command Injection]]> https://tsecurity.de/de/3423892/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+D-Link+DIR-650IN+-+Authenticated+Command+Injection/ https://tsecurity.de/de/3423892/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+D-Link+DIR-650IN+-+Authenticated+Command+Injection/ Fri, 10 Apr 2026 02:00:00 +0200 <![CDATA[[webapps] RomM 4.4.0 - XSS_CSRF Chain]]> https://tsecurity.de/de/3421405/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+RomM++4.4.0+-++XSS_CSRF+Chain/ https://tsecurity.de/de/3421405/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+RomM++4.4.0+-++XSS_CSRF+Chain/ Thu, 09 Apr 2026 02:00:00 +0200 <![CDATA[[webapps] React Server 19.2.0 - Remote Code Execution]]> https://tsecurity.de/de/3421404/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+React+Server+19.2.0+-+Remote+Code+Execution/ https://tsecurity.de/de/3421404/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+React+Server+19.2.0+-+Remote+Code+Execution/ Thu, 09 Apr 2026 02:00:00 +0200 <![CDATA[[webapps] Jumbo Website Manager - Remote Code Execution]]> https://tsecurity.de/de/3421367/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+Jumbo+Website+Manager++-+Remote+Code+Execution/ https://tsecurity.de/de/3421367/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+Jumbo+Website+Manager++-+Remote+Code+Execution/ Thu, 09 Apr 2026 02:00:00 +0200 <![CDATA[[local] ZSH 5.9 - RCE]]> https://tsecurity.de/de/3421366/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Blocal%5D+ZSH+5.9+-+RCE/ https://tsecurity.de/de/3421366/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Blocal%5D+ZSH+5.9+-+RCE/ Thu, 09 Apr 2026 02:00:00 +0200 <![CDATA[[webapps] xibocms 3.3.4 - RCE]]> https://tsecurity.de/de/3417853/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+xibocms+3.3.4+-+RCE/ https://tsecurity.de/de/3417853/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+xibocms+3.3.4+-+RCE/ Wed, 08 Apr 2026 02:00:00 +0200 <![CDATA[[local] 7-Zip 24.00 - Directory Traversal]]> https://tsecurity.de/de/3417852/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Blocal%5D+7-Zip+24.00+-+Directory+Traversal/ https://tsecurity.de/de/3417852/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Blocal%5D+7-Zip+24.00+-+Directory+Traversal/ Wed, 08 Apr 2026 02:00:00 +0200 <![CDATA[[webapps] FortiWeb 8.0.2 - Remote Code Execution]]> https://tsecurity.de/de/3417851/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+FortiWeb++8.0.2+-+Remote+Code+Execution/ https://tsecurity.de/de/3417851/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+FortiWeb++8.0.2+-+Remote+Code+Execution/ Wed, 08 Apr 2026 02:00:00 +0200 <![CDATA[[webapps] Horilla v1.3 - RCE]]> https://tsecurity.de/de/3417709/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+Horilla+v1.3+-+RCE/ https://tsecurity.de/de/3417709/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+Horilla+v1.3+-+RCE/ Wed, 08 Apr 2026 02:00:00 +0200 <![CDATA[[local] Microsoft MMC MSC EvilTwin - Local Admin Creation]]> https://tsecurity.de/de/3417708/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Blocal%5D+Microsoft+MMC+MSC+EvilTwin+-+Local+Admin+Creation/ https://tsecurity.de/de/3417708/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Blocal%5D+Microsoft+MMC+MSC+EvilTwin+-+Local+Admin+Creation/ Wed, 08 Apr 2026 02:00:00 +0200 <![CDATA[[local] SQLite 3.50.1 - Heap Overflow]]> https://tsecurity.de/de/3417707/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Blocal%5D+SQLite+3.50.1+-+Heap+Overflow/ https://tsecurity.de/de/3417707/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Blocal%5D+SQLite+3.50.1+-+Heap+Overflow/ Wed, 08 Apr 2026 02:00:00 +0200 <![CDATA[[webapps] Fortinet FortiWeb v8.0.1 - Auth Bypass]]> https://tsecurity.de/de/3411206/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+Fortinet+FortiWeb+v8.0.1+-+Auth+Bypass/ https://tsecurity.de/de/3411206/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+Fortinet+FortiWeb+v8.0.1+-+Auth+Bypass/ Mon, 06 Apr 2026 02:00:00 +0200 <![CDATA[[local] Windows Kernel - Elevation of Privilege]]> https://tsecurity.de/de/3411205/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Blocal%5D+Windows+Kernel+-+Elevation+of+Privilege/ https://tsecurity.de/de/3411205/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Blocal%5D+Windows+Kernel+-+Elevation+of+Privilege/ Mon, 06 Apr 2026 02:00:00 +0200 <![CDATA[[local] is-localhost-ip 2.0.0 - SSRF]]> https://tsecurity.de/de/3411204/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Blocal%5D+is-localhost-ip+2.0.0+-+SSRF/ https://tsecurity.de/de/3411204/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Blocal%5D+is-localhost-ip+2.0.0+-+SSRF/ Mon, 06 Apr 2026 02:00:00 +0200 <![CDATA[[webapps] ASP.net 8.0.10 - Bypass]]> https://tsecurity.de/de/3411175/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+ASP.net++8.0.10+-+Bypass/ https://tsecurity.de/de/3411175/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+ASP.net++8.0.10+-+Bypass/ Mon, 06 Apr 2026 02:00:00 +0200 <![CDATA[[local] Desktop Window Manager Core Library 10.0.10240.0 - Privilege Escalation]]> https://tsecurity.de/de/3411174/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Blocal%5D+Desktop+Window+Manager+Core+Library+10.0.10240.0+-+Privilege+Escalation/ https://tsecurity.de/de/3411174/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Blocal%5D+Desktop+Window+Manager+Core+Library+10.0.10240.0+-+Privilege+Escalation/ Mon, 06 Apr 2026 02:00:00 +0200 <![CDATA[[webapps] WordPress Madara - Local File Inclusion]]> https://tsecurity.de/de/3411156/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+WordPress++Madara+-+Local+File+Inclusion/ https://tsecurity.de/de/3411156/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+WordPress++Madara+-+Local+File+Inclusion/ Mon, 06 Apr 2026 02:00:00 +0200 <![CDATA[[webapps] WBCE CMS 1.6.4 - Remote Code Execution]]> https://tsecurity.de/de/3411155/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+WBCE+CMS+1.6.4+-+Remote+Code+Execution/ https://tsecurity.de/de/3411155/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+WBCE+CMS+1.6.4+-+Remote+Code+Execution/ Mon, 06 Apr 2026 02:00:00 +0200 <![CDATA[[webapps] RiteCMS 3.1.0 - Authenticated Remote Code Execution]]> https://tsecurity.de/de/3411154/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+RiteCMS+3.1.0+-+Authenticated+Remote+Code+Execution/ https://tsecurity.de/de/3411154/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+RiteCMS+3.1.0+-+Authenticated+Remote+Code+Execution/ Mon, 06 Apr 2026 02:00:00 +0200 <![CDATA[[webapps] Zhiyuan OA - arbitrary file upload leading]]> https://tsecurity.de/de/3411153/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+Zhiyuan+OA+-+arbitrary+file+upload+leading/ https://tsecurity.de/de/3411153/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+Zhiyuan+OA+-+arbitrary+file+upload+leading/ Mon, 06 Apr 2026 02:00:00 +0200 <![CDATA[[webapps] Grafana 11.6.0 - SSRF]]> https://tsecurity.de/de/3411152/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+Grafana+11.6.0+-+SSRF/ https://tsecurity.de/de/3411152/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+Grafana+11.6.0+-+SSRF/ Mon, 06 Apr 2026 02:00:00 +0200 <![CDATA[[webapps] mailcow 2025-01a - Host Header Password Reset Poisoning]]> https://tsecurity.de/de/3322361/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+mailcow+2025-01a+-+Host+Header+Password+Reset+Poisoning/ https://tsecurity.de/de/3322361/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+mailcow+2025-01a+-+Host+Header+Password+Reset+Poisoning/ Tue, 03 Mar 2026 01:00:00 +0100 <![CDATA[[webapps] WordPress Backup Migration 1.3.7 - Remote Command Execution]]> https://tsecurity.de/de/3322360/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+WordPress+Backup+Migration+1.3.7+-+Remote+Command+Execution/ https://tsecurity.de/de/3322360/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+WordPress+Backup+Migration+1.3.7+-+Remote+Command+Execution/ Tue, 03 Mar 2026 01:00:00 +0100 <![CDATA[[webapps] Easy File Sharing Web Server v7.2 - Buffer Overflow]]> https://tsecurity.de/de/3322332/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+Easy+File+Sharing+Web+Server+v7.2+-+Buffer+Overflow/ https://tsecurity.de/de/3322332/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+Easy+File+Sharing+Web+Server+v7.2+-+Buffer+Overflow/ Tue, 03 Mar 2026 01:00:00 +0100 <![CDATA[[webapps] WeGIA 3.5.0 - SQL Injection]]> https://tsecurity.de/de/3322187/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+WeGIA+3.5.0+-+SQL+Injection/ https://tsecurity.de/de/3322187/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+WeGIA+3.5.0+-+SQL+Injection/ Tue, 03 Mar 2026 01:00:00 +0100 <![CDATA[[webapps] Boss Mini v1.4.0 - Local File Inclusion (LFI)]]> https://tsecurity.de/de/3322186/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+Boss+Mini+v1.4.0+-+Local+File+Inclusion+%28LFI%29/ https://tsecurity.de/de/3322186/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+Boss+Mini+v1.4.0+-+Local+File+Inclusion+%28LFI%29/ Tue, 03 Mar 2026 01:00:00 +0100 <![CDATA[[webapps] motionEye 0.43.1b4 - RCE]]> https://tsecurity.de/de/3281323/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+motionEye+0.43.1b4+-+RCE/ https://tsecurity.de/de/3281323/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+motionEye+0.43.1b4+-+RCE/ Wed, 11 Feb 2026 01:00:00 +0100 <![CDATA[[local] glibc 2.38 - Buffer Overflow]]> https://tsecurity.de/de/3281277/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Blocal%5D+glibc+2.38+-+Buffer+Overflow/ https://tsecurity.de/de/3281277/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Blocal%5D+glibc+2.38+-+Buffer+Overflow/ Wed, 11 Feb 2026 01:00:00 +0100 <![CDATA[[remote] Windows 10.0.17763.7009 - spoofing vulnerability]]> https://tsecurity.de/de/3281276/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bremote%5D+Windows+10.0.17763.7009+-+spoofing+vulnerability/ https://tsecurity.de/de/3281276/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bremote%5D+Windows+10.0.17763.7009+-+spoofing+vulnerability/ Wed, 11 Feb 2026 01:00:00 +0100 <![CDATA[[remote] windows 10/11 - NTLM Hash Disclosure Spoofing]]> https://tsecurity.de/de/3252860/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bremote%5D+windows+10%2F11+-+NTLM+Hash+Disclosure+Spoofing/ https://tsecurity.de/de/3252860/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bremote%5D+windows+10%2F11+-+NTLM+Hash+Disclosure+Spoofing/ Wed, 04 Feb 2026 01:00:00 +0100 <![CDATA[[remote] Redis 8.0.2 - RCE]]> https://tsecurity.de/de/3252859/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bremote%5D+Redis+8.0.2+-+RCE/ https://tsecurity.de/de/3252859/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bremote%5D+Redis+8.0.2+-+RCE/ Wed, 04 Feb 2026 01:00:00 +0100 <![CDATA[[webapps] OctoPrint 1.11.2 - File Upload]]> https://tsecurity.de/de/3252813/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+OctoPrint+1.11.2+-+File+Upload/ https://tsecurity.de/de/3252813/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+OctoPrint+1.11.2+-+File+Upload/ Wed, 04 Feb 2026 01:00:00 +0100 <![CDATA[[webapps] FortiWeb Fabric Connector 7.6.x - SQL Injection to Remote Code Execution]]> https://tsecurity.de/de/3252795/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+FortiWeb+Fabric+Connector+7.6.x+-+SQL+Injection+to+Remote+Code+Execution/ https://tsecurity.de/de/3252795/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+FortiWeb+Fabric+Connector+7.6.x+-+SQL+Injection+to+Remote+Code+Execution/ Wed, 04 Feb 2026 01:00:00 +0100 <![CDATA[[local] Docker Desktop 4.44.3 - Unauthenticated API Exposure]]> https://tsecurity.de/de/3252794/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Blocal%5D+Docker+Desktop+4.44.3+-+Unauthenticated++API+Exposure/ https://tsecurity.de/de/3252794/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Blocal%5D+Docker+Desktop+4.44.3+-+Unauthenticated++API+Exposure/ Wed, 04 Feb 2026 01:00:00 +0100 <![CDATA[[webapps] aiohttp 3.9.1 - directory traversal PoC]]> https://tsecurity.de/de/3252793/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+aiohttp+3.9.1+-+directory+traversal+PoC/ https://tsecurity.de/de/3252793/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+aiohttp+3.9.1+-+directory+traversal+PoC/ Wed, 04 Feb 2026 01:00:00 +0100 <![CDATA[[remote] Ingress-NGINX Admission Controller v1.11.1 - FD Injection to RCE]]> https://tsecurity.de/de/3252792/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bremote%5D+Ingress-NGINX+Admission+Controller+v1.11.1+-+FD+Injection+to+RCE/ https://tsecurity.de/de/3252792/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bremote%5D+Ingress-NGINX+Admission+Controller+v1.11.1+-+FD+Injection+to+RCE/ Wed, 04 Feb 2026 01:00:00 +0100 <![CDATA[[hardware] D-Link DIR-825 Rev.B 2.10 - Stack Buffer Overflow (DoS)]]> https://tsecurity.de/de/3247786/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bhardware%5D+D-Link+DIR-825+Rev.B+2.10+-+Stack+Buffer+Overflow+%28DoS%29/ https://tsecurity.de/de/3247786/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bhardware%5D+D-Link+DIR-825+Rev.B+2.10+-+Stack+Buffer+Overflow+%28DoS%29/ Mon, 02 Feb 2026 01:00:00 +0100 <![CDATA[[webapps] RPi-Jukebox-RFID 2.8.0 - Stored Cross-Site Scripting (XSS)]]> https://tsecurity.de/de/3247785/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+RPi-Jukebox-RFID+2.8.0+-+Stored+Cross-Site+Scripting+%28XSS%29/ https://tsecurity.de/de/3247785/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+RPi-Jukebox-RFID+2.8.0+-+Stored+Cross-Site+Scripting+%28XSS%29/ Mon, 02 Feb 2026 01:00:00 +0100 <![CDATA[[webapps] Piranha CMS 12.0 - Stored XSS in Text Block]]> https://tsecurity.de/de/3247784/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+Piranha+CMS+12.0+-+Stored+XSS+in+Text+Block/ https://tsecurity.de/de/3247784/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+Piranha+CMS+12.0+-+Stored+XSS+in+Text+Block/ Mon, 02 Feb 2026 01:00:00 +0100 <![CDATA[AVideo Notify.ffmpeg.json.php Unauthenticated Remote Code Execution]]> https://tsecurity.de/de/3220315/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/AVideo+Notify.ffmpeg.json.php+Unauthenticated+Remote+Code+Execution/ https://tsecurity.de/de/3220315/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/AVideo+Notify.ffmpeg.json.php+Unauthenticated+Remote+Code+Execution/ Sun, 18 Jan 2026 22:49:23 +0100 <![CDATA[[webapps] RPi-Jukebox-RFID 2.8.0 - Remote Command Execution]]> https://tsecurity.de/de/3218789/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+RPi-Jukebox-RFID+2.8.0+-+Remote+Command+Execution/ https://tsecurity.de/de/3218789/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+RPi-Jukebox-RFID+2.8.0+-+Remote+Command+Execution/ Sat, 17 Jan 2026 01:00:00 +0100 <![CDATA[[webapps] Siklu EtherHaul Series EH-8010 - Remote Command Execution]]> https://tsecurity.de/de/3218769/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+Siklu+EtherHaul+Series+EH-8010+-+Remote+Command+Execution/ https://tsecurity.de/de/3218769/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+Siklu+EtherHaul+Series+EH-8010+-+Remote+Command+Execution/ Sat, 17 Jan 2026 01:00:00 +0100 <![CDATA[[webapps] Siklu EtherHaul Series EH-8010 - Arbitrary File Upload]]> https://tsecurity.de/de/3218768/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+Siklu+EtherHaul+Series+EH-8010+-+Arbitrary+File+Upload/ https://tsecurity.de/de/3218768/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+Siklu+EtherHaul+Series+EH-8010+-+Arbitrary+File+Upload/ Sat, 17 Jan 2026 01:00:00 +0100 <![CDATA[[webapps] FreeBSD rtsold 15.x - Remote Code Execution via DNSSL]]> https://tsecurity.de/de/3179599/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+FreeBSD+rtsold+15.x+-+Remote+Code+Execution+via+DNSSL/ https://tsecurity.de/de/3179599/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+FreeBSD+rtsold+15.x+-+Remote+Code+Execution+via+DNSSL/ Thu, 25 Dec 2025 01:00:00 +0100 <![CDATA[[webapps] Chained Quiz 1.3.5 - Unauthenticated Insecure Direct Object Reference via Cookie]]> https://tsecurity.de/de/3179598/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+Chained+Quiz++1.3.5+-+Unauthenticated+Insecure+Direct+Object+Reference+via+Cookie/ https://tsecurity.de/de/3179598/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+Chained+Quiz++1.3.5+-+Unauthenticated+Insecure+Direct+Object+Reference+via+Cookie/ Thu, 25 Dec 2025 01:00:00 +0100 <![CDATA[[webapps] WordPress Quiz Maker 6.7.0.56 - SQL Injection]]> https://tsecurity.de/de/3179597/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+WordPress+Quiz+Maker+6.7.0.56+-+SQL+Injection/ https://tsecurity.de/de/3179597/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+WordPress+Quiz+Maker+6.7.0.56+-+SQL+Injection/ Thu, 25 Dec 2025 01:00:00 +0100 <![CDATA[[webapps] Summar Employee Portal 3.98.0 - Authenticated SQL Injection]]> https://tsecurity.de/de/3161486/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+Summar+Employee+Portal++3.98.0+-+Authenticated+SQL+Injection/ https://tsecurity.de/de/3161486/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+Summar+Employee+Portal++3.98.0+-+Authenticated+SQL+Injection/ Tue, 16 Dec 2025 01:00:00 +0100 <![CDATA[[webapps] esm-dev 136 - Path Traversal]]> https://tsecurity.de/de/3161485/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+esm-dev+136+-+Path+Traversal/ https://tsecurity.de/de/3161485/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+esm-dev+136+-+Path+Traversal/ Tue, 16 Dec 2025 01:00:00 +0100 <![CDATA[[webapps] Pluck 4.7.7-dev2 - PHP Code Execution]]> https://tsecurity.de/de/3146066/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+Pluck+4.7.7-dev2+-++PHP+Code+Execution/ https://tsecurity.de/de/3146066/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+Pluck+4.7.7-dev2+-++PHP+Code+Execution/ Mon, 08 Dec 2025 01:00:00 +0100 <![CDATA[[webapps] MaNGOSWebV4 4.0.6 - Reflected XSS]]> https://tsecurity.de/de/3136724/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+MaNGOSWebV4++4.0.6+-+Reflected+XSS/ https://tsecurity.de/de/3136724/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+MaNGOSWebV4++4.0.6+-+Reflected+XSS/ Wed, 03 Dec 2025 01:00:00 +0100 <![CDATA[[webapps] phpMyFAQ 2.9.8 - Cross-Site Request Forgery(CSRF)]]> https://tsecurity.de/de/3136723/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+phpMyFAQ+2.9.8+-+Cross-Site+Request+Forgery%28CSRF%29/ https://tsecurity.de/de/3136723/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+phpMyFAQ+2.9.8+-+Cross-Site+Request+Forgery%28CSRF%29/ Wed, 03 Dec 2025 01:00:00 +0100 <![CDATA[[webapps] phpMyFAQ 2.9.8 - Cross-Site Request Forgery (CSRF)]]> https://tsecurity.de/de/3136722/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+phpMyFAQ++2.9.8+-+Cross-Site+Request+Forgery+%28CSRF%29/ https://tsecurity.de/de/3136722/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+phpMyFAQ++2.9.8+-+Cross-Site+Request+Forgery+%28CSRF%29/ Wed, 03 Dec 2025 01:00:00 +0100 <![CDATA[[webapps] Django 5.1.13 - SQL Injection]]> https://tsecurity.de/de/3136674/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+Django+5.1.13+-+SQL+Injection/ https://tsecurity.de/de/3136674/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+Django+5.1.13+-+SQL+Injection/ Wed, 03 Dec 2025 01:00:00 +0100 <![CDATA[[webapps] phpMyFaq 2.9.8 - Cross Site Request Forgery (CSRF)]]> https://tsecurity.de/de/3136577/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+phpMyFaq+2.9.8+-+Cross+Site+Request+Forgery+%28CSRF%29/ https://tsecurity.de/de/3136577/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+phpMyFaq+2.9.8+-+Cross+Site+Request+Forgery+%28CSRF%29/ Wed, 03 Dec 2025 01:00:00 +0100 <![CDATA[[webapps] MobileDetect 2.8.31 - Cross-Site Scripting (XSS)]]> https://tsecurity.de/de/3135522/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+MobileDetect+2.8.31+-+Cross-Site+Scripting+%28XSS%29/ https://tsecurity.de/de/3135522/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+MobileDetect+2.8.31+-+Cross-Site+Scripting+%28XSS%29/ Wed, 03 Dec 2025 01:00:00 +0100 <![CDATA[[webapps] phpMyAdmin 5.0.0 - SQL Injection]]> https://tsecurity.de/de/3135521/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+phpMyAdmin+5.0.0+-+SQL+Injection/ https://tsecurity.de/de/3135521/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+phpMyAdmin+5.0.0+-+SQL+Injection/ Wed, 03 Dec 2025 01:00:00 +0100 <![CDATA[[webapps] phpIPAM 1.4 - SQL-Injection]]> https://tsecurity.de/de/3135520/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+phpIPAM+1.4+-+SQL-Injection/ https://tsecurity.de/de/3135520/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+phpIPAM+1.4+-+SQL-Injection/ Wed, 03 Dec 2025 01:00:00 +0100 <![CDATA[[webapps] OpenRepeater 2.1 - OS Command Injection]]> https://tsecurity.de/de/3135519/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+OpenRepeater+2.1+-+OS+Command+Injection/ https://tsecurity.de/de/3135519/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+OpenRepeater+2.1+-+OS+Command+Injection/ Wed, 03 Dec 2025 01:00:00 +0100 <![CDATA[[webapps] RosarioSIS 6.7.2 - Cross-Site Scripting (XSS)]]> https://tsecurity.de/de/3135485/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+RosarioSIS+6.7.2+-+Cross-Site+Scripting+%28XSS%29/ https://tsecurity.de/de/3135485/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+RosarioSIS+6.7.2+-+Cross-Site+Scripting+%28XSS%29/ Wed, 03 Dec 2025 01:00:00 +0100 <![CDATA[[webapps] RosarioSIS 6.7.2 - Cross Site Scripting (XSS)]]> https://tsecurity.de/de/3135484/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+RosarioSIS+6.7.2+-+Cross+Site+Scripting+%28XSS%29/ https://tsecurity.de/de/3135484/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+RosarioSIS+6.7.2+-+Cross+Site+Scripting+%28XSS%29/ Wed, 03 Dec 2025 01:00:00 +0100 <![CDATA[[webapps] PluckCMS 4.7.10 - Unrestricted File Upload]]> https://tsecurity.de/de/3135468/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+PluckCMS+4.7.10+-+Unrestricted+File+Upload/ https://tsecurity.de/de/3135468/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+PluckCMS+4.7.10+-+Unrestricted+File+Upload/ Wed, 03 Dec 2025 01:00:00 +0100 <![CDATA[[webapps] openSIS Community Edition 8.0 - SQL Injection]]> https://tsecurity.de/de/3135446/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+openSIS+Community+Edition+8.0+-+SQL+Injection/ https://tsecurity.de/de/3135446/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+openSIS+Community+Edition+8.0+-+SQL+Injection/ Wed, 03 Dec 2025 01:00:00 +0100 <![CDATA[[webapps] YOURLS 1.8.2 - Cross-Site Request Forgery (CSRF)]]> https://tsecurity.de/de/3134031/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+YOURLS+1.8.2+-+Cross-Site+Request+Forgery+%28CSRF%29/ https://tsecurity.de/de/3134031/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+YOURLS+1.8.2+-+Cross-Site+Request+Forgery+%28CSRF%29/ Tue, 02 Dec 2025 01:00:00 +0100 <![CDATA[[webapps] phpIPAM 1.5.1 - SQL Injection]]> https://tsecurity.de/de/3134030/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+phpIPAM+1.5.1+-+SQL+Injection/ https://tsecurity.de/de/3134030/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+phpIPAM+1.5.1+-+SQL+Injection/ Tue, 02 Dec 2025 01:00:00 +0100 <![CDATA[[webapps] phpMyFAQ 3.1.7 - Reflected Cross-Site Scripting (XSS)]]> https://tsecurity.de/de/3134029/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+phpMyFAQ++3.1.7+-+Reflected+Cross-Site+Scripting+%28XSS%29/ https://tsecurity.de/de/3134029/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+phpMyFAQ++3.1.7+-+Reflected+Cross-Site+Scripting+%28XSS%29/ Tue, 02 Dec 2025 01:00:00 +0100 <![CDATA[[webapps] phpIPAM 1.6 - Reflected-Cross-Site Scripting (XSS)]]> https://tsecurity.de/de/3133984/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+phpIPAM+1.6+-+Reflected-Cross-Site+Scripting+%28XSS%29/ https://tsecurity.de/de/3133984/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+phpIPAM+1.6+-+Reflected-Cross-Site+Scripting+%28XSS%29/ Tue, 02 Dec 2025 01:00:00 +0100 <![CDATA[[webapps] Piwigo 13.6.0 - SQL Injection]]> https://tsecurity.de/de/3133983/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+Piwigo+13.6.0+-+SQL+Injection/ https://tsecurity.de/de/3133983/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+Piwigo+13.6.0+-+SQL+Injection/ Tue, 02 Dec 2025 01:00:00 +0100 <![CDATA[[webapps] phpIPAM 1.6 - Reflected Cross-Site Scripting (XSS)]]> https://tsecurity.de/de/3133945/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+phpIPAM+1.6+-+Reflected+Cross-Site+Scripting+%28XSS%29/ https://tsecurity.de/de/3133945/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+phpIPAM+1.6+-+Reflected+Cross-Site+Scripting+%28XSS%29/ Tue, 02 Dec 2025 01:00:00 +0100 <![CDATA[[webapps] Flowise 3.0.4 - Remote Code Execution (RCE)]]> https://tsecurity.de/de/3072477/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+Flowise+3.0.4+-+Remote+Code+Execution+%28RCE%29/ https://tsecurity.de/de/3072477/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+Flowise+3.0.4+-+Remote+Code+Execution+%28RCE%29/ Fri, 31 Oct 2025 01:00:00 +0100 <![CDATA[[webapps] Casdoor 2.95.0 - Cross-Site Request Forgery (CSRF)]]> https://tsecurity.de/de/3067893/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+Casdoor+2.95.0+-+Cross-Site+Request+Forgery+%28CSRF%29/ https://tsecurity.de/de/3067893/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+Casdoor+2.95.0+-+Cross-Site+Request+Forgery+%28CSRF%29/ Wed, 29 Oct 2025 01:00:00 +0100 <![CDATA[[webapps] Concrete CMS 9.4.3 - Stored XSS]]> https://tsecurity.de/de/3010944/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+Concrete+CMS+9.4.3+-+Stored+XSS/ https://tsecurity.de/de/3010944/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+Concrete+CMS+9.4.3+-+Stored+XSS/ Tue, 16 Sep 2025 02:00:00 +0200 <![CDATA[[remote] HTTP/2 2.0 - Denial Of Service (DOS)]]> https://tsecurity.de/de/3010943/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bremote%5D+HTTP%2F2+2.0+-+Denial+Of+Service+%28DOS%29/ https://tsecurity.de/de/3010943/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bremote%5D+HTTP%2F2+2.0+-+Denial+Of+Service+%28DOS%29/ Tue, 16 Sep 2025 02:00:00 +0200 <![CDATA[[local] Mbed TLS 3.6.4 - Use-After-Free]]> https://tsecurity.de/de/3010942/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Blocal%5D+Mbed+TLS+3.6.4+-+Use-After-Free/ https://tsecurity.de/de/3010942/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Blocal%5D+Mbed+TLS+3.6.4+-+Use-After-Free/ Tue, 16 Sep 2025 02:00:00 +0200 <![CDATA[[webapps] ELEX WooCommerce WordPress Plugin 1.4.3 - SQL Injection]]> https://tsecurity.de/de/3010941/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+ELEX+WooCommerce+WordPress+Plugin+1.4.3+-+SQL+Injection/ https://tsecurity.de/de/3010941/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+ELEX+WooCommerce+WordPress+Plugin+1.4.3+-+SQL+Injection/ Tue, 16 Sep 2025 02:00:00 +0200 <![CDATA[[webapps] XWiki Platform 15.10.10 - Metasploit Module for Remote Code Execution (RCE)]]> https://tsecurity.de/de/3010940/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+XWiki+Platform+15.10.10+-+Metasploit+Module+for+Remote+Code+Execution+%28RCE%29/ https://tsecurity.de/de/3010940/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+XWiki+Platform+15.10.10+-+Metasploit+Module+for+Remote+Code+Execution+%28RCE%29/ Tue, 16 Sep 2025 02:00:00 +0200 <![CDATA[[webapps] Casdoor 2.55.0 - Cross-Site Request Forgery (CSRF)]]> https://tsecurity.de/de/3010939/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+Casdoor+2.55.0+-+Cross-Site+Request+Forgery+%28CSRF%29/ https://tsecurity.de/de/3010939/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+Casdoor+2.55.0+-+Cross-Site+Request+Forgery+%28CSRF%29/ Tue, 16 Sep 2025 02:00:00 +0200 <![CDATA[[webapps] dotCMS 25.07.02-1 - Authenticated Blind SQL Injection]]> https://tsecurity.de/de/3010938/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+dotCMS+25.07.02-1+-+Authenticated+Blind+SQL+Injection/ https://tsecurity.de/de/3010938/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+dotCMS+25.07.02-1+-+Authenticated+Blind+SQL+Injection/ Tue, 16 Sep 2025 02:00:00 +0200 <![CDATA[[webapps] Tourism Management System 2.0 - Arbitrary Shell Upload]]> https://tsecurity.de/de/3010937/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+Tourism+Management+System+2.0+-+Arbitrary+Shell+Upload/ https://tsecurity.de/de/3010937/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+Tourism+Management+System+2.0+-+Arbitrary+Shell+Upload/ Tue, 16 Sep 2025 02:00:00 +0200 <![CDATA[[remote] ClipBucket 5.5.2 Build #90 - Server-Side Request Forgery (SSRF)]]> https://tsecurity.de/de/3010936/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bremote%5D+ClipBucket+5.5.2+Build+%2390+-+Server-Side+Request+Forgery+%28SSRF%29/ https://tsecurity.de/de/3010936/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bremote%5D+ClipBucket+5.5.2+Build+%2390+-+Server-Side+Request+Forgery+%28SSRF%29/ Tue, 16 Sep 2025 02:00:00 +0200 <![CDATA[[remote] ClipBucket 5.5.0 - Arbitrary File Upload]]> https://tsecurity.de/de/3010935/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bremote%5D+ClipBucket+5.5.0+-+Arbitrary+File+Upload/ https://tsecurity.de/de/3010935/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bremote%5D+ClipBucket+5.5.0+-+Arbitrary+File+Upload/ Tue, 16 Sep 2025 02:00:00 +0200 <![CDATA[[local] Microsoft Windows Server 2025 Hyper-V NT Kernel Integration VSP - Elevation of Privilege]]> https://tsecurity.de/de/3010934/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Blocal%5D+Microsoft+Windows+Server+2025+Hyper-V+NT+Kernel+Integration+VSP+-+Elevation+of+Privilege/ https://tsecurity.de/de/3010934/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Blocal%5D+Microsoft+Windows+Server+2025+Hyper-V+NT+Kernel+Integration+VSP+-+Elevation+of+Privilege/ Tue, 16 Sep 2025 02:00:00 +0200 <![CDATA[[remote] HTMLDOC 1.9.13 - Stack Buffer Overflow]]> https://tsecurity.de/de/3010933/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bremote%5D+HTMLDOC+1.9.13+-+Stack+Buffer+Overflow/ https://tsecurity.de/de/3010933/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bremote%5D+HTMLDOC+1.9.13+-+Stack+Buffer+Overflow/ Tue, 16 Sep 2025 02:00:00 +0200 <![CDATA[[remote] Ilevia EVE X1/X5 Server 4.7.18.0.eden - Reverse Rootshell]]> https://tsecurity.de/de/3010932/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bremote%5D+Ilevia+EVE+X1%2FX5+Server+4.7.18.0.eden+-+Reverse+Rootshell/ https://tsecurity.de/de/3010932/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bremote%5D+Ilevia+EVE+X1%2FX5+Server+4.7.18.0.eden+-+Reverse+Rootshell/ Tue, 16 Sep 2025 02:00:00 +0200 <![CDATA[[remote] GeoVision ASManager Windows Application 6.1.2.0 - Remote Code Execution (RCE)]]> https://tsecurity.de/de/2957748/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bremote%5D+GeoVision+ASManager+Windows+Application+6.1.2.0+-+Remote+Code+Execution+%28RCE%29/ https://tsecurity.de/de/2957748/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bremote%5D+GeoVision+ASManager+Windows+Application+6.1.2.0+-+Remote+Code+Execution+%28RCE%29/ Tue, 26 Aug 2025 02:00:00 +0200 <![CDATA[[local] GeoVision ASManager Windows Application 6.1.2.0 - Credentials Disclosure]]> https://tsecurity.de/de/2957720/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Blocal%5D+GeoVision+ASManager+Windows+Application+6.1.2.0+-+Credentials+Disclosure/ https://tsecurity.de/de/2957720/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Blocal%5D+GeoVision+ASManager+Windows+Application+6.1.2.0+-+Credentials+Disclosure/ Tue, 26 Aug 2025 02:00:00 +0200 <![CDATA[[webapps] StoryChief Wordpress Plugin 1.0.42 - Arbitrary File Upload]]> https://tsecurity.de/de/2957719/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+StoryChief+Wordpress+Plugin+1.0.42+-+Arbitrary+File+Upload/ https://tsecurity.de/de/2957719/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+StoryChief+Wordpress+Plugin+1.0.42+-+Arbitrary+File+Upload/ Tue, 26 Aug 2025 02:00:00 +0200 <![CDATA[[webapps] Birth Chart Compatibility WordPress Plugin 2.0 - Full Path Disclosure]]> https://tsecurity.de/de/2957695/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+Birth+Chart+Compatibility+WordPress+Plugin+2.0+-+Full+Path+Disclosure/ https://tsecurity.de/de/2957695/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+Birth+Chart+Compatibility+WordPress+Plugin+2.0+-+Full+Path+Disclosure/ Tue, 26 Aug 2025 02:00:00 +0200 <![CDATA[[webapps] Lingdang CRM 8.6.4.7 - SQL Injection]]> https://tsecurity.de/de/2957694/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+Lingdang+CRM+8.6.4.7+-+SQL+Injection/ https://tsecurity.de/de/2957694/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+Lingdang+CRM+8.6.4.7+-+SQL+Injection/ Tue, 26 Aug 2025 02:00:00 +0200 <![CDATA[[remote] Ivanti Endpoint Manager Mobile 12.5.0.0 - Authentication Bypass]]> https://tsecurity.de/de/2957693/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bremote%5D+Ivanti+Endpoint+Manager+Mobile+12.5.0.0+-+Authentication+Bypass/ https://tsecurity.de/de/2957693/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bremote%5D+Ivanti+Endpoint+Manager+Mobile+12.5.0.0+-+Authentication+Bypass/ Tue, 26 Aug 2025 02:00:00 +0200 <![CDATA[[webapps] Lantronix Provisioning Manager 7.10.3 - XML External Entity Injection (XXE)]]> https://tsecurity.de/de/2945493/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+Lantronix+Provisioning+Manager+7.10.3+-+XML+External+Entity+Injection+%28XXE%29/ https://tsecurity.de/de/2945493/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+Lantronix+Provisioning+Manager+7.10.3+-+XML+External+Entity+Injection+%28XXE%29/ Mon, 18 Aug 2025 02:00:00 +0200 <![CDATA[[remote] Tenda AC20 16.03.08.12 - Command Injection]]> https://tsecurity.de/de/2945492/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bremote%5D+Tenda+AC20+16.03.08.12+-+Command+Injection/ https://tsecurity.de/de/2945492/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bremote%5D+Tenda+AC20+16.03.08.12+-+Command+Injection/ Mon, 18 Aug 2025 02:00:00 +0200 <![CDATA[[remote] Microsoft Windows 10.0.19045 - NTLMv2 Hash Disclosure]]> https://tsecurity.de/de/2945461/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bremote%5D+Microsoft+Windows+10.0.19045+-+NTLMv2+Hash+Disclosure/ https://tsecurity.de/de/2945461/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bremote%5D+Microsoft+Windows+10.0.19045+-+NTLMv2+Hash+Disclosure/ Mon, 18 Aug 2025 02:00:00 +0200 <![CDATA[[webapps] Soosyze CMS 2.0 - Brute Force Login]]> https://tsecurity.de/de/2945460/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+Soosyze+CMS+2.0+-+Brute+Force+Login/ https://tsecurity.de/de/2945460/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+Soosyze+CMS+2.0+-+Brute+Force+Login/ Mon, 18 Aug 2025 02:00:00 +0200 <![CDATA[[remote] PHPMyAdmin 3.0 - Bruteforce Login Bypass]]> https://tsecurity.de/de/2945459/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bremote%5D+PHPMyAdmin+3.0+-+Bruteforce+Login+Bypass/ https://tsecurity.de/de/2945459/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bremote%5D+PHPMyAdmin+3.0+-+Bruteforce+Login+Bypass/ Mon, 18 Aug 2025 02:00:00 +0200 <![CDATA[[webapps] RiteCMS 3.0.0 - Reflected Cross Site Scripting (XSS)]]> https://tsecurity.de/de/2945408/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+RiteCMS+3.0.0+-+Reflected+Cross+Site+Scripting+%28XSS%29/ https://tsecurity.de/de/2945408/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+RiteCMS+3.0.0+-+Reflected+Cross+Site+Scripting+%28XSS%29/ Mon, 18 Aug 2025 02:00:00 +0200 <![CDATA[[webapps] BigAnt Office Messenger 5.6.06 - SQL Injection]]> https://tsecurity.de/de/2945391/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+BigAnt+Office+Messenger+5.6.06+-+SQL+Injection/ https://tsecurity.de/de/2945391/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+BigAnt+Office+Messenger+5.6.06+-+SQL+Injection/ Mon, 18 Aug 2025 02:00:00 +0200 <![CDATA[[webapps] JetBrains TeamCity 2023.11.4 - Authentication Bypass]]> https://tsecurity.de/de/2934147/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+JetBrains+TeamCity+2023.11.4+-+Authentication+Bypass/ https://tsecurity.de/de/2934147/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+JetBrains+TeamCity+2023.11.4+-+Authentication+Bypass/ Mon, 11 Aug 2025 02:00:00 +0200 <![CDATA[[webapps] Ghost CMS 5.59.1 - Arbitrary File Read]]> https://tsecurity.de/de/2934117/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+Ghost+CMS+5.59.1+-+Arbitrary+File+Read/ https://tsecurity.de/de/2934117/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+Ghost+CMS+5.59.1+-+Arbitrary+File+Read/ Mon, 11 Aug 2025 02:00:00 +0200 <![CDATA[[remote] Belkin F9K1009 F9K1010 2.00.04/2.00.09 - Hard Coded Credentials]]> https://tsecurity.de/de/2934116/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bremote%5D+Belkin+F9K1009+F9K1010+2.00.04%2F2.00.09+-+Hard+Coded+Credentials/ https://tsecurity.de/de/2934116/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bremote%5D+Belkin+F9K1009+F9K1010+2.00.04%2F2.00.09+-+Hard+Coded+Credentials/ Mon, 11 Aug 2025 02:00:00 +0200 <![CDATA[[webapps] VMware vSphere Client 8.0.3.0 - Reflected Cross-Site Scripting (XSS)]]> https://tsecurity.de/de/2934115/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+VMware+vSphere+Client+8.0.3.0+-+Reflected+Cross-Site+Scripting+%28XSS%29/ https://tsecurity.de/de/2934115/IT+Reverse+Engineering/Sicherheitsl%C3%BCcken/Proof+of+Concept/%5Bwebapps%5D+VMware+vSphere+Client+8.0.3.0+-+Reflected+Cross-Site+Scripting+%28XSS%29/ Mon, 11 Aug 2025 02:00:00 +0200