SSD Advisory – IP-Board Stored XSS to RCE Chain

Find out how an XSS in IP-Board can be leveraged into an remote code execution.

SSD Advisory – aaPanel CSWH to RCE

Find out how a CSWH hijacking vulnerability in aaPanel allows remote attackers to cause an authenticated user to execute arbitrary commands inside aaPanel’s managed servers.

SSD Advisory – SmarterMail XSS

Find out how a cross site scripting vulnerability in SmarterMail allows remote attackers to obtain the JWT token used to authenticate the user.

SSD Advisory – Ivanti Avalanche Directory Traversal

Find out how a directory traversal vulnerability in Ivanti Avalanche allows remote unauthenticated user to access files that reside outside the ‘image’ folder.

SSD Advisory – VoIPmonitor UnAuth RCE

Find out how a vulnerability in VoIPmonitor allows an unauthenticated attacker to execute arbitrary code.