Jun 13, 2026 · Information Security

My First Medium‑Severity Vulnerability: Exploiting Leaked Test Accounts in an EduCN Portal

The author describes discovering a medium‑severity information‑leak vulnerability in an educational portal by using a Google dork to locate a file exposing three default test accounts, then logging in with the admin credentials (password 123456) after other attack attempts failed.

Google dorkeducation domaininformation leakage

0 likes · 3 min read

My First Medium‑Severity Vulnerability: Exploiting Leaked Test Accounts in an EduCN Portal

Black & White Path

Apr 18, 2026 · Information Security

How to Locate FortiClient EMS Servers with Google and Shodan

The article explains the FortiGhost (CVE‑2026‑21643) pre‑authentication SQL injection RCE vulnerability in FortiClient EMS and provides specific Google and Shodan search queries—title, HTML content, and favicon hash—to discover vulnerable instances.

CVE-2026-21643FortiClient EMSFortiGhost

0 likes · 1 min read

How to Locate FortiClient EMS Servers with Google and Shodan