Zero Science Lab

Vuln: Pachno 1.0.6 FileCache Deserialization Remote Code Execution - zeroscience.mk/advisories/ZSL…

Vuln: Pachno 1.0.6 (runSwitchUser()) Remote Vertical Privilege Escalation - zeroscience.mk/advisories/ZSL…

Vuln: Pachno 1.0.6 Wiki TextParser XXE Vulnerability - zeroscience.mk/advisories/ZSL…

Vuln: Pachno 1.0.6 Cross-Site Request Forgery - zeroscience.mk/advisories/ZSL…

Vuln: Pachno 1.0.6 (uploadfile) Unrestricted File Upload Remote Code Execution - zeroscience.mk/advisories/ZSL…

Vuln: Pachno 1.0.6 (return_to) Open Redirection - zeroscience.mk/advisories/ZSL…

Vuln: Pachno 1.0.6 Stored Cross-Site Scripting - zeroscience.mk/advisories/ZSL…

zeroscience.mk - 3.0 released.

Vuln: Honeywell Trend IQ4xx BMS Controller Unauthenticated Remote Web-HMI Control And Lockout - zeroscience.mk/en/vulnerabili…

Vuln: Tattile Cameras 1.181.5 Unauthenticated RTSP Stream Disclosure - zeroscience.mk/en/vulnerabili…

Vuln: Tattile Cameras 1.181.5 Use of Default Credentials - zeroscience.mk/en/vulnerabili…

Vuln: Tattile Cameras 1.181.5 Insufficient Token (X-User-Token) Expiration - zeroscience.mk/en/vulnerabili…

Silly bug S01E01 released in Paged Out Issue #8 (Feb'26): Page-based buffer overflow - pagedout.institute/download/Paged…

Vuln: eNet SMART HOME server 2.3.1 (setUserGroup) Remote Privilege Escalation - zeroscience.mk/en/vulnerabili…

Vuln: eNet SMART HOME server 2.3.1 (resetUserPassword) Account Takeover - zeroscience.mk/en/vulnerabili…

Vuln: eNet SMART HOME server 2.3.1 (deleteUserAccount) Arbitrary User Deletion - zeroscience.mk/en/vulnerabili…

Vuln: eNet SMART HOME server 2.3.1 Use of Default Credentials - zeroscience.mk/en/vulnerabili…

Vuln: JUNG Smart Visu Server 1.1.1050 Remote Server Shutdown - zeroscience.mk/en/vulnerabili…

Vuln: JUNG Smart Visu Server 1.1.1050 Request URL Override - zeroscience.mk/en/vulnerabili…

Vuln: JUNG Smart Panel 5.1 KNX Unauthenticated Absolute File Path Traversal - zeroscience.mk/en/vulnerabili…