Please download one of these browsers:
Keep your browser version up-to-date for a fast, secure, web experience.
This course will guide you through exploiting a critical vulnerability (CVE-2023-46604) in Apache ActiveMQ, a popular open-source message broker.
CNVD-2024-15077 is a security flaw in AJ-Report (before version 1.4.1) that lets attackers bypass login checks.
Craft is a flexible, user-friendly CMS for creating custom digital experiences on the web and beyond. Users of affected versions are affected by this vulnerability if their php.ini is misconfigured.
In Cups-Browsed v2.0.1 and earlier (CVE-2024-47177), improper handling of the FoomaticRIPCommandLine parameter in PPD files allows attackers to exploit a crafted IPP server to execute arbitrary commands on the affected system.
Apache HertzBeat (incubating) is an easy-to-use, open source, real-time monitoring system with agentless, high performance cluster, prometheus-compatible, offers powerful custom monitoring and status page building capabilities.
Dive into the world of MinIO security as we uncover and exploit an information disclosure vulnerability, gaining access to sensitive data.
CVE-2024-4367 allows an attacker to execute arbitrary JavaScript code as soon as a malicious PDF file is opened.
Learn to exploit CVE-2017-5638, a critical Apache Struts 2 flaw. Attackers can execute remote commands via crafted HTTP headers in file uploads. This hands-on course covers real-world exploitation techniques used in 2017 attacks.
This lab provides hands-on experience exploiting CVE-2023-42793, a critical vulnerability in JetBrains TeamCity. Learn to gain unauthorized access, escalate privileges, and execute arbitrary code on a vulnerable server.
