1d8/publications

CVE/Research Publications

CVE List

DMA Soft Labs Radius Manager - 4.4.0

• CVE-2021-29011 - XSS
• CVE-2021-29012 - Broken session management
• CVE-2021-30147 - CSRF
• Dmasoft XSS Cookie Stealer Exploit

Crater Invoice

• CVE-2022-0372 - XSS

Live Helper Chat

• CVE-2022-0083 - Generation of Error Message Containing Sensitive Information
• CVE-2021-4177 - Generation of Error Message Containing Sensitive Information

Exploits

• Mara CMS 7.5 Authenticated RCE

Malware Research

• Using Monday.com's API for command & control