Bucket
Medium
A web application backed by a locally exposed S3-compatible bucket allows unauthenticated file uploads; uploading a PHP web shell through the bucket …
Infosek
Medium
Exposed WordPress credentials in a public location grant admin panel access; a webshell upload reveals database credentials for the ryder account, and …
Logging
Medium
Readable SMB log share leaks an svc_recovery password (with a year-increment pattern), Generic Write on MSA_HEALTH$ enables shadow credential abuse …
Deputy
Medium
An exposed .git directory leaks Terraform IAM ARNs; a case-sensitivity bug in the event-role API lets those ARNs cross account boundaries, eventually …
Interpreter
Medium
Mirth Connect 4.4.0 is vulnerable to CVE-2023-43208 (unauthenticated RCE); database credentials in mirth.properties lead to a PBKDF2-hashed password …
Rainbow
Medium
Anonymous FTP access combined with a custom web service on port 8080 leads to a stack-based buffer overflow that overwrites ECX; exploiting the crash …
VulnCicada
Medium
An exposed NFS share leaks domain usernames and a credential hidden inside an image file; the password belongs to Rosie.Powell, whose account is used …
Printer
Medium
A printer management web app leaks LDAP credentials to a Responder listener; Invoke-Pester in a constrained WinRM environment executes an arbitrary …