The LifterLMS PayPal WordPress plugin before 1.4.0 does not sanitise and escape some parameters from the payment confirmation page before outputting them back in the page, leading to a Reflected Cross-Site Scripting...
6.1CVSS
6.1AI Score
0.001EPSS
CVE-2022-1250 LifterLMS PayPal < 1.4.0 - Reflected Cross-Site Scripting
The LifterLMS PayPal WordPress plugin before 1.4.0 does not sanitise and escape some parameters from the payment confirmation page before outputting them back in the page, leading to a Reflected Cross-Site Scripting...
6.2AI Score
0.001EPSS
Exploit for Vulnerability in Apache Tomcat
CVE-2022-29885 The tool is only used for security...
7.5CVSS
0.4AI Score
0.029EPSS
Warning! Instagram Stories hides a scam in plain sight
When someone finds their social media account compromised, they first think about letting their followers know. And they do. They warn others from reading any strange posts, usually containing a rogue link, before they sort out the matter behind the scenes. Some curious followers who missed these.....
-0.4AI Score
Exploit for Code Injection in Vmware Spring Framework
Vulnerability overview: Spring recently disclosed a major CVE vulnerability; the CVE information states "A Spring MVC or Spring...
9.8CVSS
10AI Score
0.975EPSS
Fake USA for UNHCR site wants your Ukraine donations in Bitcoin
Since Russia began invading Ukraine in late February, many organizations have set up donation pages to aid the most heavily affected: Families who were forced out of their homes due to bombings and children separated from grown-ups who decided to stay and take arms. We've also seen a considerable.....
-0.3AI Score
IBM Planning Analytics Workspace File Upload Vulnerability
IBM Planning Analytics is a business planning and analysis solution from IBM Corporation. Planning Analytics Workspace is the Web management interface for IBM Planning Analytics. IBM Planning Analytics Workspace version 2.0 contains a file upload vulnerability that stems from a failure to validate....
2.9AI Score
WordPress Plugin Users Ultra SQL Injection Vulnerability
WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin Users Ultra has a SQL injection vulnerability, which stems from the failure to properly sanitize and escape the data_target.....
3.3AI Score
Exploit for SQL Injection in Djangoproject Django
CVE-2022-28346 Django QuerySet.annotate(), aggregate(),...
9.8CVSS
0.4AI Score
0.003EPSS
Exploit for Path Traversal in Wso2 Api Manager
cve-2022-29464 Disclaimer: This script is for learning and reference only; do not maliciously attack other people's websites...
9.8CVSS
9.7AI Score
0.973EPSS
Exploit for OS Command Injection in Gerapy
CVE-2021-43857 CVE-2021-43857 (Gerapy command execution) Disclaimer...
9.8CVSS
8.8AI Score
0.037EPSS
The Users Ultra WordPress plugin through 3.1.0 fails to properly sanitize and escape the data_target parameter before it is interpolated in an SQL statement and then executed via the rating_vote AJAX action (available to both unauthenticated and authenticated users), leading to an SQL...
9.8CVSS
9.6AI Score
0.024EPSS
Exploit for Uncontrolled Search Path Element in Honeywell Softmaster
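CVE-2022-2333 Spent the better part of a year on this; here is something good for everyone to look at: sxf vpn. Do you all like it? I don't like it much...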
8.8CVSS
0.3AI Score
0.001EPSS
Metform Elementor Contact Form Builder < 2.1.4 - Unauthenticated API keys and Secrets Disclosure
The is vulnerable to sensitive information disclosure due to improper access control in the ~/core/forms/action.php file which can be exploited by an unauthenticated attacker to view all API keys and secrets of integrated third-party APIs such as PayPal, Stripe, Mailchimp, Hubspot, HelpScout,...
7.5CVSS
1.2AI Score
0.033EPSS
Exploit for Incorrect Default Permissions in Kingsoft Wps Office
CVE-2022-24934 Vulnerability overview WPS...
7.8CVSS
6.8AI Score
0.001EPSS
Cisco Umbrella Secure Web Gateway File Decryption Bypass Vulnerability
Cisco Umbrella is a cloud security platform from the U.S. company Cisco. The platform prevents cyber threats such as phishing, malware and ransomware. Cisco Umbrella Secure Web Gateway has a file decryption bypass vulnerability that can be exploited by authenticated attackers to bypass the.....
2.1AI Score
Exploit for Unrestricted Upload of File with Dangerous Type in Elementor Website Builder
CVE-2022-1329-WordPress-Elementor-RCE...
8.8CVSS
8.8AI Score
0.96EPSS
Watch out for Ukraine donation scammers in Twitter replies
The invasion of Ukraine has been a money making opportunity for scammers since the moment it began: Fake donation sites, bogus Red Cross portals, phishing pages, the works. These scams can also be found on social media. Faking donations on Twitter Some users of social media have become very...
0.2AI Score
Exploit for Expression Language Injection in Apache Struts
Struts2_S2-062_CVE-2021-31805 Apache Struts2...
9.8CVSS
0.4AI Score
0.186EPSS
Exploit for Code Injection in Vmware Identity Manager
CVE-2022-22954-POC VMware Workspace ONE Access (formerly known as VMware...
9.8CVSS
2.2AI Score
0.974EPSS
Exploit for Expression Language Injection in Apache Struts
s2-062 Remote code execution S2-062 CVE-2021-31805 verification PoC Verification method...
2.7AI Score
Exploit for Expression Language Injection in Vmware Spring Cloud Function
Spring Cloud Function SpEL expression injection vulnerability (CVE-2022-22963) ...
9.8AI Score
Exploit for Code Injection in Vmware Identity Manager
9.8CVSS
-0.1AI Score
0.974EPSS
WordPress WPvivid Backup and Migration plugin Arbitrary File Read Vulnerability
WordPress is a blogging platform from the WordPress Foundation, developed using the PHP language. WordPress plugin is an open source WordPress application plugin. WordPress WPvivid Backup and Migration plugin versions 0.9.70 and earlier contain an arbitrary file read vulnerability. An...
4AI Score
WordPress One Click Demo Import plugin File Upload Vulnerability
WordPress is a blogging platform from the WordPress Foundation, developed using the PHP language. WordPress plugin is an open source WordPress application plugin. WordPress One Click Demo Import plugin has a file upload vulnerability, which stems from the plugin not validating the imported....
2AI Score
Exploit for Code Injection in Vmware Identity Manager
CVE-2022-22954-scanner Vulnerability introduction VMware Workspace ONE...
9.8CVSS
9.3AI Score
0.974EPSS
Exploit for Code Injection in Vmware Identity Manager
CVE-2022-22954 Vulnerability description Workspace ONE Access...
9.8CVSS
0.8AI Score
0.974EPSS
10CVSS
2.4AI Score
0.975EPSS
Exploit for Expression Language Injection in Vmware Spring Cloud Gateway
SpringCloud-Gateway command execution vulnerability (CVE-2022-22947) Environment setup...
10CVSS
10AI Score
0.975EPSS
The Bug Report - March 2022 Edition
The Bug Report - March 2022 By Charles McFarland · April 6, 2022 Your Cybersecurity Comic Relief **Comic from https://geek-and-poke.com/ and remains unedited. https://creativecommons.org/licenses/by/3.0/ Use of this comic does not indicate endorsement by the creator. ** Why am I here? Welcome...
8.1AI Score
0.971EPSS
The Bug Report - March 2022 Edition
The Bug Report - March 2022 By Charles McFarland · April 6, 2022 Your Cybersecurity Comic Relief **Comic from https://geek-and-poke.com/ and remains unedited. https://creativecommons.org/licenses/by/3.0/ Use of this comic does not indicate endorsement by the creator. ** Why am I here? Welcome...
-0.2AI Score
0.971EPSS
Exploit for Expression Language Injection in Vmware Spring Cloud Function
SpringCloudFunction-Research CVE-2022-22963 research Environment ...
9.8AI Score
LifterLMS PayPal < 1.4.0 - Reflected Cross-Site Scripting
The plugin does not sanitise and escape some parameters from the payment confirmation page before outputting them back in the page, leading to a Reflected Cross-Site Scripting...
6.1CVSS
1.1AI Score
0.001EPSS
LifterLMS PayPal < 1.4.0 - Reflected Cross-Site Scripting
The plugin does not sanitise and escape some parameters from the payment confirmation page before outputting them back in the page, leading to a Reflected Cross-Site Scripting issue PoC...
6.1CVSS
0.6AI Score
0.001EPSS
WordPress LifterLMS PayPal plugin <= 1.3.0 - Reflected Cross-Site Scripting (XSS) vulnerability
Reflected Cross-Site Scripting (XSS) vulnerability discovered by Brandon James Roldan in WordPress LifterLMS PayPal plugin (versions <= 1.3.0). Solution Update the WordPress LifterLMS PayPal plugin to the latest available version (at least...
6.1CVSS
2.4AI Score
0.001EPSS
Exploit for Authentication Bypass by Spoofing in Zabbix
CVE-2022-23131 CVE-2022-23131(Unsafe Session Storage)...
9.8CVSS
3.2AI Score
0.97EPSS
Exploit for Code Injection in Vmware Spring Framework
Spring-Core-RCE Spring Framework remote command execution vulnerability (CVE-2022-22965)...
9.8CVSS
0.3AI Score
0.975EPSS
Exploit for Code Injection in Vmware Spring Framework
CVE-2022-22965 2022.04.02 16:44 Optimized the PoC; it is no longer a one-shot verification. Optimized...
9.8CVSS
0.6AI Score
0.975EPSS
TOTOLINK N300RH has unauthorized access vulnerability
TOTOLINK N300RH is a wireless router. TOTOLINK N300RH is vulnerable to unauthorized access, which can be exploited by attackers to obtain sensitive...
5.1AI Score
Exploit for Code Injection in Vmware Spring Framework
spring-framework-rce CVE-2022-22965 Environment requirements tomcat8...
1.3AI Score
Exploit for Code Injection in Vmware Spring Framework
CVE-2022-22965-POC CVE-2022-22965...
9.8CVSS
0.7AI Score
0.975EPSS
Exploit for Code Injection in Vmware Spring Framework
CVE-2022-22965-POC CVE-2022-22965 spring-core batch detection script...
9.8CVSS
2.4AI Score
0.975EPSS
Exploit for Code Injection in Vmware Spring Framework
Spring-Core JDK9+ RCE Usage instructions: ╰─ ./CVE-2022-22965 -h ...
9.8CVSS
8.6AI Score
0.975EPSS
Exploit for Code Injection in Vmware Spring Framework
CVE-2022-22965 CVE-2022-22965 EXP General environment requirements:...
9.8CVSS
1.7AI Score
0.975EPSS
PHPSHE Denial of Service Vulnerability
PHPSHE is an online shopping mall system of Lingbao Jane Good Network Technology Co. The system supports express tracking, online chat, order evaluation and statistics, etc. A denial-of-service vulnerability exists in PHPSHE version V1.8, which stems from improper handling of a large number of...
7.5CVSS
1.3AI Score
0.001EPSS
Exploit for Code Injection in Vmware Spring Framework
spring-core-rce spring core rce simple exploitation; the war can be used...
0.3AI Score
Exploit for Code Injection in Vmware Spring Framework
Spring Core RCE/CVE-2022-22965 Affected scope: JDK>=9...
0.1AI Score