CVE-2021-31740 - Exploiting SEPPMail’s XSS Vulnerability – Analysis, Code, and Insights
In today’s digital world, email security appliances are used everywhere to keep sensitive messages private and secure. One popular product is SEPPMail, advertised for
CVE-2022-38803 - How a Simple XSS in ZKTeco BioTime Leads to Local File Read — Exploit and Details
ZKTeco BioTime is a widely used time and attendance management platform, especially popular in organizations that need biometric punch and leave management. In mid-2022, a
CVE-2022-38802 - Exploiting Incorrect Access Control in ZKTeco BioTime (<8.5.3 Build:20200816.447) for Local File Disclosure via XSS-to-PDF
ZKTeco's BioTime is a popular biometric time and attendance management software, used by enterprises worldwide. Security researchers discovered that versions below 8.5.
CVE-2022-38801 - How Employees Can Hijack Admin Sessions in ZKTeco BioTime (<8.5.3 Build:20200816.447) Using Blind XSS
ZKTeco’s BioTime is a popular time attendance and workforce management system used worldwide by small and large companies. On August 19, 2022, a severe
CVE-2022-41413 - Deep Dive Into perfSONAR CSRF Vulnerability and How It Can Be Exploited
In late 2022, a critical Cross-Site Request Forgery (CSRF) vulnerability was discovered in perfSONAR, an open source network measurement toolkit widely adopted by education and