PilotPatrickk

2 exploits Active since Jan 2026
CVE-2025-59379 WRITEUP HIGH WRITEUP
DwyerOmega Isensix Advanced Remote Monitoring System < 1.5.7 - Blind SQL Injection
DwyerOmega Isensix Advanced Remote Monitoring System (ARMS) 1.5.7 allows an attacker to retrieve sensitive information from the underlying SQL database via Blind SQL Injection through the user parameter in the login page. This allows an attacker to steal credentials, which may be cleartext, from existing users (and admins) and use them to authenticate to the application.
CVSS 7.5
CVE-2025-60534 WRITEUP CRITICAL WRITEUP
Blue Access Cobalt v02.000.195 - Auth Bypass
Blue Access Cobalt v02.000.195 suffers from an authentication bypass vulnerability, which allows an attacker to selectively proxy requests in order to operate functionality on the web application without the need to authenticate with legitimate credentials.
CVSS 9.8