15 POSTS · TAG · #rce
DATE CAT TITLE TARGET CVSS
2024 · 6
03-02 CVE CVE-2023-41281 - QTS 5.1.x, QuTS hero h5.1.x, QuTScloud 5.x OS Command Injection QNAP 7.2 03-02 CVE CVE-2023-39297 - QTS 5.1.x, 4.5.x; QuTS hero h5.1.x, h4.5.x; QuTScloud 5.x OS Command Injection QNAP 8.8 03-02 CVE CVE-2023-39302 - QTS 5.1.x, QuTS hero h5.1.x, QuTScloud 5.x OS Command Injection QNAP 7.2 03-02 CVE CVE-2023-41282 - QTS 5.1.x, QuTS hero h5.1.x, QuTScloud 5.x OS Command Injection QNAP 7.2 03-02 CVE CVE-2023-41283 - QTS 5.1.x, QuTS hero h5.1.x, QuTScloud 5.x OS Command Injection QNAP 7.2 06-01 CVE CVE-2023-39294 - QTS 5.1.x, QuTS hero h5.1.x OS Command Injection QNAP 7.2 2022 · 3
15-02 EXPLOIT CVE-2022-24977 - ImpressCMS path traversal to pre-auth RCE ImpressCMS 9.8 15-02 CVE CVE-2022-24977 - ImpressCMS path traversal to pre-auth RCE ImpressCMS 9.8 12-02 POST impressCMS - unauthenticated code execution ImpressCMS 9.8 2021 · 2
05-12 POST HITCON CTF 2021 Metamon-Verse Writeup HitconCTF 2021 — 09-08 POST Roxy-WI through 5.2.2.0 pre-auth RCE Roxy-wi 9.8 2020 · 4
31-12 POST iceCTF-2020 - krouter writeup iceCTF 2020 — 25-07 EXPLOIT 3kCTF-2020 - babym1ps exploit 3kCTF 2020 — 25-07 POST 3kCTF-2020 - babym1ps writeup 3kCTF 2020 — 14-05 EXPLOIT CVE-2020-12720 - Vbulletin RCE Vbulletin 9.8
CONTACT
rekter0
PROFESSIONAL SLOPPER
Application security research. vulnerability disclosure, and the occasional pre-auth RCE chain.
28 CVE 7 EXPLOIT 14 POST