Lucene search
K

17 matches found

Patchstack
Patchstack
added 2026/01/05 10:37 p.m.9 views

WordPress Table Field Add-on for ACF and SCF plugin <= 1.3.30 - Authenticated (Contributor+) Stored Cross-Site Scripting via Table Cell Content vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via Table Cell Content vulnerability discovered by shark3y in WordPress Plugin Table Field Add-on for ACF and SCF versions = 1.3.30...

6.4CVSS5.5AI score0.00159EPSS
Exploits0References1Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/03/31 12:0 a.m.6 views

The vulnerability of the SCF file processing mechanism in Windows operating systems allows attackers to exploit the NTLM hash.

The vulnerability of the SCF-file processing mechanism in Windows operating systems is related to the lack of authentication for the critical function. Exploiting this vulnerability allows a remote attacker to reveal the NTLM hash when a user opens a folder containing a specially crafted SCF-file...

7.8CVSS5.6AI score
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/05/09 12:0 a.m.6 views

PT-2024-29426 · WordPress · Simple Basic Contact Form

Name of the Vulnerable Software and Affected Versions: Simple Basic Contact Form plugin for WordPress versions up to and including 20221201 Description: The issue arises from insufficient input sanitization and output escaping, allowing unauthenticated attackers to inject arbitrary web scripts vi...

6.1CVSS7.5AI score0.00507EPSS
Exploits0References4
Pen Test Partners Blog
Pen Test Partners Blog
added 2023/09/27 5:29 a.m.20 views

Which security framework? All of them, in the SCF

TL;DR: All roads lead to Rome. There are plenty of ways to meet your security requirements ISO 27001 is not everything. There, I said it What is the Secure Controls Framework SCF? Why you should consider SCF on your journey to security excellence PTP has a myriad of customers coming for help to...

6.9AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2023/07/13 12:0 a.m.7 views

The vulnerability of the Mozilla Firefox browser on Windows operating systems, related to security configuration errors, allows attackers to access confidential information.

The vulnerability of the Mozilla Firefox browser on Windows operating systems is related to security configuration errors. Exploiting this vulnerability can allow a remote attacker to gain access to confidential information using a created .scf script...

10CVSS7AI score0.00523EPSS
Exploits0References5Affected Software1
OSV
OSV
added 2023/06/02 5:15 p.m.4 views

CVE-2023-25740

After downloading a Windows .scf script from the local filesystem, an attacker could supply a remote path that would lead to unexpected network requests from the operating system. This also had the potential to leak NTLM credentials to the resource.This bug only affects Firefox for Windows. Other...

8.8CVSS7.4AI score0.00523EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2023/06/02 5:15 p.m.26 views

CVE-2023-25740

After downloading a Windows .scf script from the local filesystem, an attacker could supply a remote path that would lead to unexpected network requests from the operating system. This also had the potential to leak NTLM credentials to the resource.This bug only affects Firefox for Windows. Other...

8.8CVSS6.9AI score0.00523EPSS
Exploits0References2
Prion
Prion
added 2023/06/02 5:15 p.m.20 views

Design/Logic Flaw

After downloading a Windows .scf script from the local filesystem, an attacker could supply a remote path that would lead to unexpected network requests from the operating system. This also had the potential to leak NTLM credentials to the resource.This bug only affects Firefox for Windows. Other...

6.8CVSS7.8AI score0.00523EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2023/06/02 12:0 a.m.128 views

CVE-2023-25740

CVE-2023-25740 affects Firefox for Windows (pre-110). After downloading a Windows .scf script from the local filesystem, an attacker could specify a remote path that triggers unexpected network requests by the OS and may leak NTLM credentials. Impact is limited to Firefox on Windows; other OSes a...

8.8CVSS7.7AI score0.00523EPSS
Exploits0References2Affected Software1
Debian CVE
Debian CVE
added 2023/06/02 12:0 a.m.30 views

CVE-2023-25740

After downloading a Windows .scf script from the local filesystem, an attacker could supply a remote path that would lead to unexpected network requests from the operating system. This also had the potential to leak NTLM credentials to the resource.This bug only affects Firefox for Windows. Other...

8.8CVSS7.8AI score0.00523EPSS
Exploits0
0day.today
0day.today
added 2018/08/07 12:0 a.m.32 views

Microsoft Windows SCF File Feature Bypass Vulnerability

Microsoft Windows suffers from an SCF open file security warning feature bypass vulnerability. Exploit Title: Microsoft Windows 'SCF' File 'Open File Security Warning' Feature Bypass Vulnerability Exploit Author: Eduardo Braun Prado Vendor Homepage: http://www.microsoft.com/ Software Link:...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2018/08/06 12:0 a.m.39 views

Microsoft Windows SCF File Feature Bypass

Exploit Title: Microsoft Windows 'SCF' File 'Open File Security Warning' Feature Bypass Vulnerability Google Dork: N/A Date: August 3, 2018 Exploit Author: Eduardo Braun Prado Vendor Homepage: http://www.microsoft.com/ Software Link: http://www.microsoft.com/ Version: Windows 7 SP1, 8.1 with full...

7.4AI score
Exploits0
Kitploit
Kitploit
added 2018/02/25 9:24 p.m.29 views

icebreaker - Gets Plaintext Active Directory Credentials If You'Re On The Internal Network

Break the ice with that cute Active Directory environment over there. Automates network attacks against Active Directory to deliver you piping hot plaintext credentials when you're inside the network but outside of the Active Directory environment. Performs 5 different network attacks for plainte...

7.6AI score
Exploits0References2
n0where
n0where
added 2018/02/03 2:13 a.m.74 views

Automate Network Attacks Against Active Directory: icebreaker

Break the ice with that cute Active Directory environment over there. Automates network attacks against Active Directory to deliver you piping hot plaintext credentials when you’re inside the network but outside of the Active Directory environment. Performs 5 different network attacks for plainte...

7.9AI score
Exploits0References2
0day.today
0day.today
added 2017/10/25 12:0 a.m.34 views

Windows NTLM Auth Hash Disclosure / Denial Of Service Vulnerabilities

Under certain circumstances a shared folder on Windows can be abused remotely to obtain the user credentials and to freeze the machine. Hello, I want to share some information with the people on the list. On May 24, I found a problem with NTLM auth on Windows. Under certain circumstances a shared...

6.9AI score
Exploits0
Packet Storm
Packet Storm
added 2017/10/25 12:0 a.m.30 views

Windows NTLM Auth Hash Disclosure / Denial Of Service

Hello, I want to share some information with the people on the list. On May 24, I found a problem with NTLM auth on Windows. Under certain circumstances a shared folder on Windows can be abused remotely to obtain the user credentials and to freeze the machine. This was already reported to MSRC on...

7.1AI score
Exploits0
The Hacker News
The Hacker News
added 2017/05/16 10:24 p.m.23 views

Beware! Hackers Can Steal Your Windows Password Remotely Using Chrome

A security researcher has discovered a serious vulnerability in the default configuration of the latest version of Google's Chrome running on any version of Microsoft's Windows operating system, including Windows 10, that could allow remote hackers to steal user's login credentials. Researcher...

7.3AI score
Exploits0
Rows per page
Query Builder