Blog
Posts and research notes by rvz.
CVE-2024-42640 : Unauthenticated Remote Code Execution via Angular-Base64-Upload Library
The angular-base64-upload library, created by Adones Pitogo, is a tool designed to simplify the process of uploading base64-encoded files in Angular applications.
CVE-2024-57514 – XSS in TP-Link A20 v3 Router
The TP-Link Archer A20 v3 Router is vulnerable to Cross-site Scripting (XSS) due to improper handling of directory listing paths in the web interface.
CVE-2025-51569 – XSS in LB-Link BL-CPE300M AX300 4G LTE Router
The LB-Link BL-CPE300M router web interface is vulnerable to reflected cross-site scripting (XSS) vulnerability.