The Popup Builder WordPress plugin before 4.2.3 does not prevent simple visitors from updating existing popups, and injecting raw JavaScript in them, which could lead to Stored XSS attacks.

Zimbra Collaboration (ZCS) Arbitrary File Upload Vulnerability

An attacker could place HTML containing executable JavaScript inside element attributes. This markup becomes unescaped, causing arbitrary markup to be injected into the document.

Detection method for Exim vulnerability CVE-2024-39929

Atlassian Confluence Data Center and Server Broken Access Control Vulnerability

Incorrect implementation of an authentication algorithm in Ivanti vTM other than versions 22.2R1 or 22.7R2 allows a remote unauthenticated attacker to bypass authentication of the admin panel.

SAP NetWeaver Visual Composer Metadata Uploader is not protected with a proper authorization, allowing unauthenticated agent to upload potentially malicious executable binaries that could severely …

Detection for CVE-2025-24016 - Deserialization of Untrusted Data Vulnerability in the Wazuh software

Detection for CVE-2024-57378

Detection for CVE-2025-47812

Detection for CVE-2025-52914

Detection for CVE-2025-8875 & CVE-2025-8876

Detection for CVE-2025-4427 and CVE-2025-4428

Detection for CVE-2025-57819

Detection for CVE-2025-7775

Detection for CVE-2025-53690

Detection for CVE-2025-42944

Detection for CVE-2025-10035

Detection for CVE-2025-26399

Detection for CVE-2025-41244

Detection for CVE-2025-11371

Detection for CVE-2025-61882 & CVE-2025-61884

🏠 Documenting my homelab journey

🍯Honeypot Threat Intel

A workflow to gather responsible disclosure emails from a given host(s).

Personal repository of scripts I use with Ansible

Detect instances that are tracking you through Google Analytics 🔎

Personally crafted Bash Bunny Payloads