Tağmaç | root@Tagoletta:~#

Category: Security Research

Posts in Security Research

CVE-2025-69460 – Simple Image Gallery 1.0 - Remote Code Execution (Unauthenticated)

Wed Jan 21 2026

CVE-2025-69460: Unauthenticated Remote Code Execution (RCE) vulnerability in Simple Image Gallery 1.0. Zero-day discovery and exploit by Tağmaç 'Tagoletta'.

CVE-2025-69457 – Responsive Tourism Website 3.1 - Remote Code Execution (Unauthenticated)

Wed Jan 21 2026

CVE-2025-69457: Unauthenticated Remote Code Execution (RCE) vulnerability in Responsive Tourism Website 3.1. Zero-day discovery and exploit by Tağmaç 'Tagoletta'.

CVE-2023-38890 – Online Shopping Portal 3.1 Remote Code Execution

Wed Jan 21 2026

CVE-2023-38890: Unauthenticated SQL Injection to Remote Code Execution (RCE) vulnerability in Online Shopping Portal 3.1. Zero-day discovery and exploit by Tağmaç 'Tagoletta'.

CVE-2025-69458 – Movie Rating System 1.0 - SQL Injection to RCE (Unauthenticated)

Wed Jan 21 2026

CVE-2025-69458: Unauthenticated SQL Injection to Remote Code Execution (RCE) vulnerability in Movie Rating System 1.0. Zero-day discovery and exploit by Tağmaç 'Tagoletta'.

CVE-2025-69459 – Movie Rating System 1.0 - Broken Access Control

Wed Jan 21 2026

CVE-2025-69459: Broken Access Control vulnerability allowing Admin Account Creation in Movie Rating System 1.0. Zero-day discovery and exploit by Tağmaç 'Tagoletta'.

Traffic Offense Management System 1.0 - Remote Code Execution (Unauthenticated)

Wed Aug 18 2021

Zero-Day Discovery & Exploit Development: Traffic Offense Management System

Back to All Posts

Tagmac Han

He's a passionate Cyber Security Consultant & Vulnerability Researcher in Turkey

OSWE | OSCP | CEH | eMAPT

Category: Security Research

Kategori: Security Research

CVE-2025-69460 – Simple Image Gallery 1.0 - Remote Code Execution (Unauthenticated)

CVE-2025-69457 – Responsive Tourism Website 3.1 - Remote Code Execution (Unauthenticated)

CVE-2023-38890 – Online Shopping Portal 3.1 Remote Code Execution

CVE-2025-69458 – Movie Rating System 1.0 - SQL Injection to RCE (Unauthenticated)

CVE-2025-69459 – Movie Rating System 1.0 - Broken Access Control

Traffic Offense Management System 1.0 - Remote Code Execution (Unauthenticated)

Category: Security Research

Kategori: Security Research

CVE-2025-69460 – Simple Image Gallery 1.0 - Remote Code Execution (Unauthenticated) CVE-2025-69460 – Simple Image Gallery 1.0 - Remote Code Execution (Unauthenticated)

CVE-2025-69457 – Responsive Tourism Website 3.1 - Remote Code Execution (Unauthenticated) CVE-2025-69457 – Responsive Tourism Website 3.1 - Remote Code Execution (Unauthenticated)

CVE-2023-38890 – Online Shopping Portal 3.1 Remote Code Execution CVE-2023-38890 – Online Shopping Portal 3.1 Uzaktan Kod Yürütme

CVE-2025-69458 – Movie Rating System 1.0 - SQL Injection to RCE (Unauthenticated) CVE-2025-69458 – Movie Rating System 1.0 - SQL Injection to RCE (Unauthenticated)

CVE-2025-69459 – Movie Rating System 1.0 - Broken Access Control CVE-2025-69459 – Movie Rating System 1.0 - Broken Access Control

Traffic Offense Management System 1.0 - Remote Code Execution (Unauthenticated) Traffic Offense Management System 1.0 - Remote Code Execution (Unauthenticated)

CVE-2025-69460 – Simple Image Gallery 1.0 - Remote Code Execution (Unauthenticated)

CVE-2025-69457 – Responsive Tourism Website 3.1 - Remote Code Execution (Unauthenticated)

CVE-2023-38890 – Online Shopping Portal 3.1 Remote Code Execution

CVE-2025-69458 – Movie Rating System 1.0 - SQL Injection to RCE (Unauthenticated)

CVE-2025-69459 – Movie Rating System 1.0 - Broken Access Control

Traffic Offense Management System 1.0 - Remote Code Execution (Unauthenticated)