Apache <= 2.4.48 Mod_Proxy - Server-Side Request Forgery

PaperCut NG Unauthenticated XMLRPC Functionality

Likeshop < 2.5.7.20210311 - Arbitrary File Upload

Cisco Adaptive Security Appliance Software/Cisco Firepower Threat Defense - Directory Traversal

Laravel Ignition contains a cross-site scripting vulnerability when debug mode is enabled.

Windows Server 2003 & IIS 6.0 - Remote Code Execution

This is a tool used by several security researchers to find Open Redirect Bug

CVE-2020-27838 - KeyCloak - Information Exposure

Apache Superset - Authentication Bypass

SpiderFlow Crawler Platform - Remote Code Execution

WordPress Contact Form 7 - Unrestricted File Upload

Plesk Obsidian <=18.0.49 - Open Redirect

Defender Security < 4.1.0 - Protection Bypass (Hidden Login Page)

Web Application Penetration Tester (WAPT) Notes

WordPress WPS Hide Login <1.9.1 - Information Disclosure

WebSafeHub - Vulnerable Web App

A Burp Suite extension to help you track your assessment progress

Automated and Modular Shell Script to Automate Security Vulnerability Scans

A curated set of offensive security notes on vulnerabilities, techniques, and tools