Certifried
Very EasyAnonymous SMB enumeration on an Active Directory host reveals a readable share; null-session LDAP queries are not open, but unauthenticated SMB access …
BloodFlow
Very EasyA publicly exposed n8n workflow automation instance is vulnerable to CVE-2026-21858, an unauthenticated arbitrary file read to RCE chain, yielding a …
ReactOOPS
Very EasyA vulnerable React application is exploited via CVE-2025-55182 (react2shell), yielding unauthenticated remote code execution and a shell that reads …
Caring
Very EasyAn unauthenticated SMB Config share leaks a config.ini containing credentials for the user claudio; WinPEAS then surfaces Administrator credentials …
ADSelfService
Very EasyAn exposed ManageEngine ADSelfService Plus portal running version 6.1 is vulnerable to CVE-2021-40539 (REST API authentication bypass to RCE), …
Logonshell
Very EasyA Microsoft Exchange Server 2019 RTM (15.2.221.12) on the edelweiss.htb domain is exploited via ProxyShell (CVE-2021-34473) — the auth bypass …