Centreon version 23.10-1.el8 suffers from a remote authenticated SQL injection vulnerability.
ccd137a9553629c65cb1fcc131008c98cf86b7038c922afa5586765db2092434
AdvantechWeb/SCADA version 9.1.5U suffers from a post authentication remote SQL injection vulnerability.
c61d51ef9791032ac5aeeaa9f4123f947e54a3c585126f417601ad70cf5716cc
Conquest Dicom Server version 1.5.0d pre-authentication remote command execution exploit.
2030c371174b7b07796cb759a9caa33926897c924929e76e6832e628b77586f3
FortiWeb VM version 7.4.0 build577 suffers from a post authentication CLI crash when provided a long password.
72af24d9c4b59a9c012276d1a41593a054fdc93f5709821fab01faa7b140b6cd
This is a small extension script to monitor suff.py, or the Simple Universal Fortigate Fuzzer, and to collect crashlogs for future analysis.
e4664830b3fe02fbdd2cb9687909e1cb5827c21ad4da619143c039c0d4cbe83d
Simple python script to send commands prepared in text files mutated by an example payload string, e.g. multiple A or B letters. Using Fortigate's credentials, a user should be able to use this script to automate a basic fuzzing process for commands available in CLI.
183513f0d7a7bbd777a50826ac774d0cc927491384f081ad3ae5cf87426b640f
Fortigate version 7.0.1 post authentication stack overflow zero day proof of concept exploit.
122dadbd84dd704ea57462ca66b6e746cb96632b68962fd5dd9add747b0391c5
This python script is a slow brute forcing utility to check passwords against FortiGate appliances. Check the homepage link for more information on how this was used to slowly bypass brute force protections.
c801f99d408035256c871d04d06f9c9e360124599a0f66d51971fc4c6561faf6
This is a small document that provides a cheat sheet for use of Ansible during penetration testing and red teaming activities.
0c12a80286493aa8bd0c790357f229f5d0169bc51d3a6f38387aea2b27d0ce5d
D-Link DSL-3782 pre-authentication remote root exploit.
39250461aeadf7ef7255a1a2d870e1e43ea66083e97d1b047cdd0a89783991a9
Code16 is a compilation of notes from research performed by Cody16. This issue discusses hunting zero days and NagiosXI version 5.8.1.
9d08170ca7e8368c7ed6054ce28231b1a7a290e48949e6483a5248bac54fd78d
Code16 is a compilation of notes from research performed by Cody16. This issue discusses spelunking routers and learning rust.
0224af1974f4d7cd636ca5d5c883b0d52174f1800ca47ba4a1ba4146652613d8
Code16 is a compilation of notes from research performed by Cody16. This issue discusses setting up your browser with extensions for inspection of payloads while pentesting, fuzzing, and more.
e924a2736949ffdb5a672e2dfe9c621921408d64648928b8f9f8cca9f523eab3
Code16 is a compilation of notes from research performed by Cody16. This issue discusses creating web modules for Metasploit, a mass scanner for WordPress plugins, Learning Arduino, and more.
329ef9e7a3eacbed4dd915355bbc96f01a0443e89d9306cd0e5d72e18d67cf80
Code16 is a compilation of notes from research performed by Cody16. This issue discusses creating web modules for Metasploit and more.
78ec59e4fc92095d88790bb61b21f2d538180db80df521c7e384c9a925dd55e3
Code16 is a compilation of notes from research performed by Cody16. This issue discusses exploring heap overflows and more.
be37e4aafda4fc264f91ede06f92e575c0414d487ffd20ec13901068b11a69e3
Symantec Web Gateway version 5.0.2.8 pre-authentication remote code execution exploit.
970b84a1292b0d6cf8128d51ac617317c8cdfa0985e3672aeee25722afec7b54
NagiosXL version 5.6.11 post authentication orderby parameter remote SQL injection exploit.
5b7280585819afb90f9056b2f48942ba062dc884bc0991afeaddcc45f7440a4f
Centreon version 19.11 post authentication acl_res_name parameter remote SQL injection vulnerability.
26ddd5ca918503c36714484e708d799c5b8b0c860297a0d6fef820a51abd2fdc
NagiosXI version 5.6.11 post authentication start, end, and step parameter remote code execution exploit.
031602c56f2aaed8028f670cedf7bcaeea0adc9a27dbd5faa77afcb3ff87e286
Symantec Web Gateway version 5.0.2.8 post authentication remote code execution exploit.
02346ae04aa267009c24e0117a0c4d7990844c5da0d0bae1cd4c22edf7e2cd9c
NagiosXI version 5.6.11 post authentication address parameter remote code execution exploit.
428cf9e7378b1a7c753e11aa12708d599dc69c144f7915dad4f27913824c00eb
This is a whitepaper tutorial that describes steps taken to identify post-authentication remote SQL injection vulnerabilities in Centreon version 19.10-3.el7.
02221a056ccb54bfaed855a9ef6741e6737b01e06fc5841d931b5745c69e5e8b
This is a whitepaper tutorial that describes steps taken to identify post-authentication remote code execution vulnerabilities in Symantec Web Gateway version 5.0.2.8.
c5c75f2da8676e6edfc6cc37ea4ac20e90be1d12275b0fce452c5c10d306afe6
This is a whitepaper tutorial that describes steps taken to identify post-authentication remote code execution vulnerabilities in ManageEngine version 14.
55f884e3a3e6704c111f4ff046bd4931087255499a9ead8d4d9832ca49c77691