PinnedM Nadeem QaziCVE-2023–33977: Unrestriced File Upload leads to Stored XSS in KiwitCMS<12.4 — M Nadeem QaziHello Readers,Jun 6, 2023Jun 6, 2023
M Nadeem QaziCVE-2023–4698: Local File Inclusion (LFI) in usememos/memos < 0.13.2Hello, tech enthusiasts,Sep 4, 2023Sep 4, 2023
M Nadeem QaziCVE-2023–4696: Account Takeover Due to Improper Handling of JWT Tokens in memos < v0.13.2Hey there, fellow tech enthusiasts!Sep 1, 2023Sep 1, 2023
M Nadeem QaziCVE-2023–36809: Misconfigured HTTP headers allowing Stored XSS in KiwiTCMS<=12.4 -By M Nadeem QaziHi Everyone, Today I am going to discuss about my new finding in kiwiTCMS.Jul 4, 2023Jul 4, 2023
M Nadeem QaziCVE-2023–3009 : Stored XSS vulnerability in Teampass < 3.0.9Hi, Recently, I had the opportunity to analyze the security of the Teampass application, and during my assessment, I discovered a…May 31, 2023May 31, 2023
M Nadeem QaziCVE-2023-2859: Stored HTML injection in folderName affecting Admin in TeamPass < 3.0.9Hi,May 24, 2023May 24, 2023
M Nadeem QaziCVE-2023-2591: Stored HTML Injection in Item Label in Teampass 3.0.6I recently identified a security vulnerability in nilsteampassnet/teampass, a popular password management tool. This vulnerability…May 9, 2023May 9, 2023
M Nadeem QaziCVE-2023–2516: Stored XSS Vulnerability in Teampass 3.0.6 — M Nadeem QaziHey everyone, I wanted to share with you a vulnerability that I discovered in Teampass, a password management software. I found a stored…May 8, 2023May 8, 2023