PHPMyAdmin 3.0 – Bruteforce Login Bypass

“”” Exploit-Title: PHPMyAdmin 3.0 – Bruteforce Login Bypass Author: Nikola Markovic (badgerinc23@gmail.com) Date: 2023 Google-Dork: intext: phpMyAdmin Vendor: https://www.phpmyadmin.net/ Version: >3.0 & 4.3.x before 4.3.13.2 and 4.4.x before 4.4.14.1 Tested on: win/linux/unix Python-Version: 3.0 CVE : CVE-2015-6830 “”” import urllib.request import urllib.parse import urllib import threading import http.cookiejar import re import sys def CheckLogin(target): …

BigAnt Office Messenger 5.6.06 – SQL Injection

# Exploit Title: BigAnt Office Messenger 5.6.06 – SQL Injection # Date: 01.09.2025 # Exploit Author: Nicat Abbasov # Vendor Homepage: https://www.bigantsoft.com/ # Software Link: https://www.bigantsoft.com/download.html # Version: 5.6.06 # Tested on: 5.6.06 # CVE : CVE-2024-54761 # Github repo: https://github.com/nscan9/CVE-2024-54761 import requests from bs4 import BeautifulSoup import…

Lantronix Provisioning Manager 7.10.3 – XML External Entity Injection (XXE)

/* * Exploit Title: Lantronix Provisioning Manager 7.10.3 – XML External Entity Injection (XXE) * Google Dork: N/A * Date: 2025-08-17 * Exploit Author: Byte Reaper * Vendor Homepage: https://www.lantronix.com/ * Software Link: https://www.lantronix.com/products/lantronix-provisioning-manager/ * Version: Provisioning Manager ≤ 7.10.3 * Tested on: Kali Linux * CVE: CVE-2025-7766 */ #include #include #include”argparse.h” #include …

RiteCMS 3.0.0 – Reflected Cross Site Scripting (XSS)

# Exploit Title: RiteCMS 3.0.0 – Reflected Cross-Site Scripting (XSS) # Google Dork: N/A # Date: 2024-08-12 # Exploit Author: GURJOT SINGH # Vendor Homepage: https://ritecms.com/ # Software Link: https://github.com/handylulu/RiteCMS/releases/download/V3.0.0/ritecms.v3.0.0.zip # Version: <= 3.0.0 # Tested on: Ubuntu 22.04 LTS, PHP 8.1, Apache 2.4 # CVE: CVE-2024-28623 ## Description: A reflected Cross-Site Scripting (XSS)…

18th August – Threat Intelligence Report

For the latest discoveries in cyber research for the week of 18th August, please download our Threat Intelligence Bulletin. TOP ATTACKS AND BREACHES The Canadian House of Commons has suffered a data breach. The incident resulted in unauthorized access to a database containing employees’ names, office locations, email addresses, and information on House-managed computers and…

Sniffing and Injecting 5G Traffic Without Rogue Base Stations

As the world gradually adopts and transitions to using 5G for mobile, operational technology (OT), automation and Internet-of-Things (IoT) devices, a secure 5G network infrastructure remains critical. Recently, the Automated Systems SEcuriTy (ASSET) Research Group have released a new framework named SNI5GECT [pronounced as Sni-f-Gect (sniff + 5G + inject)] that enables users of the…

Unleashing Agentic AI for Superior Threat-Informed Risk Prioritization with Agent Nyra

The cybersecurity landscape evolves relentlessly, with new adversaries and threats emerging daily. For organizations navigating these challenges, reactive responses are no longer enough. It’s about moving from complex, disconnected data streams to proactive, autonomous solutions with actionable intelligence. This is where Agentic AI stands out. It empowers businesses to stay ahead of adversaries through rapid…

Fix WMI Class Corruption | Automated Remediation

When Windows Management Instrumentation (WMI) classes fail, it can disrupt critical security operations by causing vulnerability scans to miss important data and compliance reports to lack accuracy. These issues may lead to gaps in visibility, making it harder for security teams to maintain a comprehensive understanding of their environment. By addressing WMI class failures proactively,…
