All Posts - g03m0n

All Posts

2025

SSRF in Koha version ≤ 25.11 (CVE-2026-26379) 12-31

Cross-Site Scripting via File Upload in Koha (CVE-2026-26378) 12-31

Stored-XSS via animate tag in Roundcube (CVE-2025-68461) 12-31

Stored XSS in Koha version ≤25.11 (CVE-2026-26377) 12-31

2024

Blind SQL Injection at Rouyi framework ≤ v4.7.9 (CVE-2024-42900) 08-27

CVE-2022-4566 08-25

Hackthebox - Neonify 06-10

CVE-2021-3129 05-01

PortSwigger - SQL Injection 01-20

CookieCTF - The Existed File 01-20

CookieCTF - Baby SQLite With Filter 01-19

CookieCTF - Baby Crawler 01-19

2023

PortSwigger - Insecure Deserialization 12-20

Liferay TunnelServlet Deserialization Remote Code Execution (LPE-15538) 11-22

CVE-2024-40075 11-22

CVE-2022-33891 11-22

CVE-2020-9480 11-21

Hackthebox - ProxyAsService 11-20

CVE-2018-11770 11-20

Hackthebox - jscalc 08-22

1
2