CVE-2021-36898 - Breaking Down an Authenticated SQL Injection in WordPress Quiz And Survey Master (QSM) Plugin (≤ 7.3.4)
If you are running the Quiz And Survey Master (QSM) plugin on your WordPress site and haven’t updated it past version 7.3.4,
CVE-2022-43168 - Exploiting SQL Injection in Rukovoditel v3.2.1 (Full Guide & PoC)
Rukovoditel, a popular open-source project management tool, is widely used across companies and teams for collaborative project tracking. In October 2022, a serious SQL injection
CVE-2022-43166 - Breaking Down the Stored XSS Vulnerability in Rukovoditel v3.2.1’s Global Entities
Rukovoditel is a popular open-source project management tool. While it offers handy features for teams, security researchers discovered a serious bug back in version 3.
CVE-2022-43167 - Breaking Down a Stored XSS in Rukovoditel’s User Alerts (v3.2.1)
In October 2022, a critical stored cross-site scripting (XSS) vulnerability surfaced in Rukovoditel, a popular open source project management tool (official site). If you’re
CVE-2022-43170 - Stored XSS Vulnerability in Rukovoditel v3.2.1 Dashboard Configuration Explained
When managing projects with Rukovoditel, user dashboards often display critical business data. But, as security researchers discovered, an authenticated user could exploit a flaw and