Exploit Title: Reflected XSS in Elaine's Realtime CRM Automation v6.18.17 CVE-2024-42831
A reflected cross-site scripting (XSS) vulnerability in Elaine's Realtime CRM Automation v6.18.17 allows attackers to execute arbitrary JavaScript code in the web browser
Read MoreCVE-2024-36401 (GeoServer RCE)
CVE-2024-36401 is a critical Remote Code Execution vulnerability in GeoServer, specifically targeting the Web Feature Service (WFS) endpoint. By sending a specially crafted GET request, an attacker can execute arbitrary Java code via the valueReference parameter of a WFS request. This allows attackers to run system-level commands remotely on the server.
Read More