Full Disclosure Mailing List

A public, vendor-neutral forum for detailed discussion of vulnerabilities and exploitation techniques, as well as tools, papers, news, and events of interest to the community. The relaxed atmosphere of this quirky list provides some comic relief and certain industry gossip. More importantly, fresh vulnerabilities sometimes hit this list many hours or days before they pass through the Bugtraq moderation queue.

List Archives

Jan
Feb
Mar
Apr
May
Jun
Jul
Aug
Sep
Oct
Nov
Dec
2025
24
20
9
32
24
28
12
–
–
–
–
–
2024
75
25
44
29
37
13
24
41
60
21
20
22
2023
29
17
27
14
28
10
52
33
21
32
15
30
2022
91
57
63
54
48
57
27
17
30
52
26
32
2021
84
93
81
77
81
60
72
39
59
79
56
50
2020
52
36
57
63
60
35
37
24
55
34
45
60
2019
71
54
64
41
52
49
40
37
45
59
34
37
2018
102
84
79
61
73
46
95
53
57
54
69
56
2017
99
103
91
113
108
52
95
58
98
71
51
89
2016
100
128
97
93
75
79
89
139
85
103
162
88
2015
134
101
165
115
133
112
126
86
121
115
111
129
2014
194
273
434
325
213
173
167
89
115
135
103
138
2013
282
162
290
263
227
259
277
303
187
294
222
224
2012
611
477
390
382
323
428
394
393
210
277
236
280
2011
580
687
439
561
572
565
367
393
370
995
466
511
2010
637
502
564
452
408
631
417
445
414
523
342
696
2009
979
380
465
318
282
291
550
455
421
339
386
502
2008
615
496
600
821
681
403
591
557
639
531
739
634
2007
593
629
573
744
555
661
662
530
709
935
582
641
2006
992
740
1865
865
789
1058
770
771
578
678
545
493
2005
927
676
950
654
678
437
766
1078
890
677
1065
1531
2004
1358
1534
1499
1153
1451
1031
1370
1314
1091
1174
1424
731
2003
505
405
296
500
421
890
1251
1942
1763
1806
1123
782
2002
–
–
–
–
–
–
314
835
684
381
454
313

Latest Posts

Tiki Wiki CMS Groupware <= 28.3 Two Server-Side Template Injection Vulnerabilities Egidio Romano (Jul 09)
----------------------------------------------------------------------------------
Tiki Wiki CMS Groupware <= 28.3 Two Server-Side Template Injection
Vulnerabilities
----------------------------------------------------------------------------------

[-] Software Link:

https://tiki.org

[-] Affected Versions:

Version 28.3 and prior 28.x versions.
Version 27.2 and prior 27.x versions.
Version 24.8 and prior 24.x versions.
Version 21.12 and...

KL-001-2025-011: Schneider Electric EcoStruxure IT Data Center Expert Unauthenticated Server-Side Request Forgery KoreLogic Disclosures via Fulldisclosure (Jul 09)
KL-001-2025-011: Schneider Electric EcoStruxure IT Data Center Expert Unauthenticated Server-Side Request Forgery

Title: Schneider Electric EcoStruxure IT Data Center Expert Unauthenticated Server-Side Request Forgery
Advisory ID: KL-001-2025-011
Publication Date: 2025-07-09
Publication URL: https://korelogic.com/Resources/Advisories/KL-001-2025-011.txt

1. Vulnerability Details

Affected Vendor: Schneider Electric
Affected...

KL-001-2025-010: Schneider Electric EcoStruxure IT Data Center Expert Privilege Escalation KoreLogic Disclosures via Fulldisclosure (Jul 09)
KL-001-2025-010: Schneider Electric EcoStruxure IT Data Center Expert Privilege Escalation

Title: Schneider Electric EcoStruxure IT Data Center Expert Privilege Escalation
Advisory ID: KL-001-2025-010
Publication Date: 2025-07-09
Publication URL: https://korelogic.com/Resources/Advisories/KL-001-2025-010.txt

1. Vulnerability Details

Affected Vendor: Schneider Electric
Affected Product: EcoStruxure IT Data Center Expert...

KL-001-2025-009: Schneider Electric EcoStruxure IT Data Center Expert Remote Command Execution KoreLogic Disclosures via Fulldisclosure (Jul 09)
KL-001-2025-009: Schneider Electric EcoStruxure IT Data Center Expert Remote Command Execution

Title: Schneider Electric EcoStruxure IT Data Center Expert Remote Command Execution
Advisory ID: KL-001-2025-009
Publication Date: 2025-07-09
Publication URL: https://korelogic.com/Resources/Advisories/KL-001-2025-009.txt

1. Vulnerability Details

Affected Vendor: Schneider Electric
Affected Product: EcoStruxure IT Data Center...

KL-001-2025-008: Schneider Electric EcoStruxure IT Data Center Expert Root Password Discovery KoreLogic Disclosures via Fulldisclosure (Jul 09)
KL-001-2025-008: Schneider Electric EcoStruxure IT Data Center Expert Root Password Discovery

Title: Schneider Electric EcoStruxure IT Data Center Expert Root Password Discovery
Advisory ID: KL-001-2025-008
Publication Date: 2025-07-09
Publication URL: https://korelogic.com/Resources/Advisories/KL-001-2025-008.txt

1. Vulnerability Details

Affected Vendor: Schneider Electric
Affected Product: EcoStruxure IT Data Center...

KL-001-2025-007: Schneider Electric EcoStruxure IT Data Center Expert Unauthenticated Remote Code Execution KoreLogic Disclosures via Fulldisclosure (Jul 09)
KL-001-2025-007: Schneider Electric EcoStruxure IT Data Center Expert Unauthenticated Remote Code Execution

Title: Schneider Electric EcoStruxure IT Data Center Expert Unauthenticated Remote Code Execution
Advisory ID: KL-001-2025-007
Publication Date: 2025-07-09
Publication URL: https://korelogic.com/Resources/Advisories/KL-001-2025-007.txt

1. Vulnerability Details

Affected Vendor: Schneider Electric
Affected Product:...

KL-001-2025-006: Schneider Electric EcoStruxure IT Data Center Expert XML External Entities Injection KoreLogic Disclosures via Fulldisclosure (Jul 09)
KL-001-2025-006: Schneider Electric EcoStruxure IT Data Center Expert XML External Entities Injection

Title: Schneider Electric EcoStruxure IT Data Center Expert XML External Entities Injection
Advisory ID: KL-001-2025-006
Publication Date: 2025-07-09
Publication URL: https://korelogic.com/Resources/Advisories/KL-001-2025-006.txt

1. Vulnerability Details

Affected Vendor: Schneider Electric
Affected Product: EcoStruxure IT...

eSIM security research (GSMA eUICC compromise and certificate theft) Security Explorations (Jul 09)
Dear All,

We broke security of Kigen eUICC card with GSMA consumer certificates
installed into it.

The eUICC card makes it possible to install the so called eSIM profiles
into target chip. eSIM profiles are software representations of mobile
subscriptions. For many years such mobile subscriptions had a form of a
physical SIM card of various factors (SIM, microSIM, nonoSIM). With eSIM,
the subscription can come in a pure digital form (as a...

Directory Traversal "Site Title" - bluditv3.16.2 Andrey Stoykov (Jul 07)
# Exploit Title: Directory Traversal "Site Title" - bluditv3.16.2
# Date: 07/2025
# Exploit Author: Andrey Stoykov
# Version: 3.16.2
# Tested on: Debian 12
# Blog: https://msecureltd.blogspot.com/

Directory Traversal "Site Title" #1:

Steps to Reproduce:

1. Login with admin account and "General" > "General"
2. Set the "Site Title" to the following payload "../../../malicious"
3....

XSS via SVG File Uploa - bluditv3.16.2 Andrey Stoykov (Jul 07)
# Exploit Title: XSS via SVG File Upload - bluditv3.16.2
# Date: 07/2025
# Exploit Author: Andrey Stoykov
# Version: 3.16.2
# Tested on: Debian 12
# Blog: https://msecureltd.blogspot.com/

XSS via SVG File Upload #1:

Steps to Reproduce:

1. Login with admin account and click on "General" > "Logo"

<?xml version="1.0" standalone="no"?>
<!DOCTYPE svg PUBLIC "-//W3C//DTD SVG 1.1//EN"...

Stored XSS "Add New Content" Functionality - bluditv3.16.2 Andrey Stoykov (Jul 07)
# Exploit Title: Stored XSS "Add New Content" Functionality - bluditv3.16.2
# Date: 07/2025
# Exploit Author: Andrey Stoykov
# Version: 3.16.2
# Tested on: Debian 12
# Blog: https://msecureltd.blogspot.com/

Stored XSS "Add New Content" Functionality #1:

Steps to Reproduce:

1. Login with admin account and visit "New Content"
2. In the "Source Code" field enter the following parameter...

Session Fixation - bluditv3.16.2 Andrey Stoykov (Jul 07)
# Exploit Title: Session Fixation - bluditv3.16.2
# Date: 07/2025
# Exploit Author: Andrey Stoykov
# Version: 3.16.2
# Tested on: Debian 12
# Blog: https://msecureltd.blogspot.com/

Session Fixation #1:

Steps to Reproduce:

Visit the login page. Login with valid user and observe that the sessionID
has not been changed

// HTTP POST request logging in

POST /bludit/admin/ HTTP/1.1
Host: 192.168.58.133
User-Agent: Mozilla/5.0 (Windows NT 10.0;...

iOS Activation Flaw Enables Pre-User Device Compromise and Identity Exposure (iOS 18.5) josephgoyd via Fulldisclosure (Jun 30)
Title: iOS Activation Flaw Enables Pre-User Device Compromise

Reported to Apple: May 19, 2025
Reported to US-CERT: May 19, 2025
US-CERT Case #: VU#346053
Vendor Status: Silent
Public Disclosure: June 26, 2025

------------------------------------------------------------------------
Summary
------------------------------------------------------------------------

A critical vulnerability exists in Apple’s iOS activation pipeline that
allows...

Remote DoS in httpx 1.7.0 – Out-of-Bounds Read via Malformed <title> Tag Brian Carpenter via Fulldisclosure (Jun 25)
Hey list,

You can remotely crash httpx v1.7.0 (by ProjectDiscovery) by serving a malformed <title> tag on your website. The bug
is a classic out-of-bounds read in trimTitleTags() due to a missing bounds check when slicing the title string. It
panics with:

panic: runtime error: slice bounds out of range [9:6]

Affects anyone using httpx in their automated scanning pipeline. One malformed HTML response = scanner down. Unit
testing or...

CVE-2025-32978 - Quest KACE SMA Unauthenticated License Replacement Seralys Research Team via Fulldisclosure (Jun 23)
Seralys Security Advisory | https://www.seralys.com/research

======================================================================
Title: Unauthenticated License Replacement
Product: Quest KACE Systems Management Appliance (SMA)
Affected: Confirmed on 14.1 (older versions likely affected)
Fixed in: 13.0.385, 13.1.81, 13.2.183, 14.0.341(Patch 5),
14.1.101(Patch 4)
Vendor: Quest Software
Discovered: April...

More Lists

Dozens of other network security lists are archived at SecLists.Org.