Stux

NameStux
Registration02/02/2023
Community Points422
Submits31
Commits1
Posts0
Votes0
Community RankProficient
Activity Badges
👴 Long-time User (2x)
💻 Digital Nomad (2x)
🔬 Researcher
🐘 Heavy User
🖖 Community Member (8x)
👋 Regular Visitor (3x)
📤 Submitter (4x)

Submits (31)

Timeline

The analysis of the timeline helps to identify the required approach and handling of single items and item collections. This overview makes it possible to see less important slices and more severe hotspots at a glance. Prioritizing items becomes possible.

IDTitleSubmissionModerationEntryPStatus
501840vtiger Vtiger CRM 6.4.0 Reflected Cross-Site Scripting02/15/202502/23/202529660817Accepted
496171SIAM Industria de Automação e Monitoramento Ltda. SIAM 2.0 Reflected Cross-Site Scripting02/06/202502/15/202529596720Accepted
496141Pix Software Vivaz 6.0.10 Cross-Site Request Forgery02/06/202502/15/202529596617Accepted
493492Allims Lab.Online Latest SQL Injection With High Privileges02/01/202502/10/202529506120Accepted
493482Pix Software Vivaz 6.0.10 SQL Injection02/01/202502/10/202529506017Accepted
475741Xxxx Xxxxx Xxxxxxx X Xxxxxxxxx Xxxxx-xxxx Xxxxxxxxx01/07/202501/08/2025
 
0Rejected
475602Mobotix M15 MX-V4.3.4.83 Reflected Cross-Site Scripting01/06/202501/19/202529254117Accepted
473865Virtual Computer SA Vysual RH Solution 2024.12.1 Reflected Cross-Site Scripting01/02/202501/14/202529147520Accepted
473785Mitel MiVoice Office 400 MiVoice Office 400 Cross-Site Scripting01/02/202501/12/20251258850Duplicate
400844Grocy 4.2.0 Authenticated Stored Cross-Site Scripting via Break of Control08/31/202409/01/202427627420Accepted
388118Xxxxxxx X.x.x (xxxxxx) Xxxxxxxxxxxxx Xxxxx Xxxx Xxxxxxxxx08/08/202408/09/2024
 
0Rejected
387606Scada-LTS 2.7.8 (Last) Stored Cross-Site Scripting08/07/202408/16/202427490920Accepted
375614Intelbras InControl 2.21.57 (last version) Command Injection07/16/202409/28/202427882820Accepted
358596ZKTeco ZKBio CVSecurity V5000 V5000 4.1.0 Stored Cross-Site Scripting06/17/202406/26/202426973320Accepted
353502Intelbras InControl 2.21.56 Unquoted Service Path via "incontrolWebcam" Service06/10/202406/17/202426882220Accepted
351403ZKTeco ZKBio CVSecurity 4.1.0 Stored Cross-Site Scripting06/06/202406/14/202426869420Accepted
351241ZKTeco ZKBio CVSecurity V5000 4.1.0 Filter Bypass leads Stored Cross-Site Scripting to PrivEsc06/06/202406/14/202426869320Accepted
261961Xxxx-xxxxxxx Xxxx Xxx X > Xxxxxxxxx Xxxxx-xxxx Xxxxxxxxx01/03/202401/03/2024
 
0Rejected
201562Reflected Cross-Site Scripting on Shopicial App08/30/202309/15/202323979417Accepted
162093Xxxxxxxxx Xxxxx-xxxx Xxxxxxxxx Xx Xxx-xxx Xxxxxxxx, Xxxxxxxxxx Xxxxxxxxx05/29/202305/29/2023
 
0Rejected
152938Gira HomeServer v4 Reflected Cross-Site Scripting05/06/202305/16/202322915020Accepted
150588TOTVS Food Service - Stored Cross-Site Scripting in SMS Messaging function04/30/202304/30/202322775820Accepted
150587TOTVS Food Service - BAC + IDOR leads to unauthorized access to sms messages from other companies.04/30/202304/30/202322775920Accepted
148296Control iD RH iD v23.3.19.0 - Broken Access Control allows a low-privilege user access to high-privilege functions04/25/202305/04/202322801520Accepted
115718Control iD RH iD v23.3.19.0 - Authenticated Stored Cross-Site Scripting in the "Name" field in the "/v2/#/add/department" function04/18/202304/28/202322771820Accepted
110414Xx Xxxxxx Xxx X Xxxxxx-xxxx Xxxxxxx Xxxxxxx Xxxxxxxxxxxxx Xx Xxx Xx/xxx Xxxxx04/05/202304/06/2023
 
0Rejected
110406iDSecure Stored Cross-Site Scripting in "Dispositivos>Adicionar" field "IP/DNS".04/05/202304/14/202322592220Accepted
107434Xxxxxãx Xxx Xxxxx Xx.x.x Xxx Xx.x.x Xxxxxx Xxxxxx Xxxxxxx Xxxxx Xx Xxxxxxx Xxxx03/29/202304/04/2023
 
0Rejected
106063Control iD v23.3.19.0 SQL Injection via parameter JSON email (PUT) in Edit Operators.03/26/202304/14/202322592117Accepted
84007Xxxxxx Xxxxxx-xxxx Xxx Xxxxxxxx X.x.xx.x - Xxxxxx Xxxxx-xxxx Xxxxxxxxx Xx Xxxxx 02/04/202302/04/2023
 
0Rejected
82473Xxxxx X-xxxx Xx Xxxxxxxxx Xxxxx-xxxx Xxxxxxxxx02/02/202302/02/2023
 
0Rejected

Commits (1)

IDEntryCVEUpdatedModerationCP
19381368Allims lab.online model_recuperar_senha.php sql injectionCVE-2025-115702/10/202502/10/202510

PreviousOverviewNext

Interested in the pricing of exploits?

See the underground prices here!