CHAOS 5.0.1 'sendCommandHandler' - Cross-Site Scripting

Cross Site Scripting vulnerability in tiagorlampert CHAOS v.5.0.1 allows a remote attacker to escalate privileges via the sendCommandHandler function in the handler.go component. id: CVE-2024-31839 info: name: CHAOS 5.0.1 'sendCommandHandler' - Cross-Site Scripting author: riteshs4hu severity:...

CVE-2026-31839

creationtimestamp| type| source ---|---|--- 2026-03-12 10:40:06+00:00| seen| https://gist.github.com/alon710/11a61b6d10f7ad9ce72bb2f275b7afb0 2026-03-21 05:40:09+00:00| seen| https://bsky.app/profile/cyberhub.blog/post/3mhkcy2q7wx2m...

CVE-2026-31839 Striae has a hash validation utility vulnerability

Striae is a firearms examiner's comparison companion. A high-severity integrity bypass vulnerability existed in Striae's digital confirmation workflow prior to v3.0.0. Hash-only validation trusted manifest hash fields that could be modified together with package content, allowing tampered...

WordPress Footer Contacts Bar plugin <= 1.8 - Cross Site Request Forgery (CSRF) vulnerability

Cross Site Request Forgery CSRF vulnerability discovered by Khang Duong in WordPress Plugin DN Footer Contacts versions = 1.8.1...

CVE-2025-31839 WordPress Footer Contacts Bar plugin <= 1.8 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in digireturn DN Footer Contacts dn-footer-contacts allows Cross Site Request Forgery.This issue affects DN Footer Contacts: from n/a through = 1.8.1...

CVE-2025-31839 WordPress Footer Contacts Bar plugin <= 1.8 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in digireturn DN Footer Contacts dn-footer-contacts allows Cross Site Request Forgery.This issue affects DN Footer Contacts: from n/a through = 1.8.1...

CHAOS 5.0.8 Cross Site Scripting / Remote Command Execution Exploit

CHAOS version 5.0.8 is a free and open-source Remote Administration Tool that allows generated binaries to control remote operating systems. The web application contains a remote command execution vulnerability which can be triggered by an authenticated user when generating a new executable. The...

CVE-2024-31839

creationtimestamp| type| source ---|---|--- 2024-05-21 10:57:27+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/http/chaosratxsstorce.rb 2024-05-23 01:19:51+00:00| seen| https://t.me/arpsyndicate/4958 2024-06-17 12:13:06+00:00|...

CVE-2024-31839

Cross Site Scripting vulnerability in tiagorlampert CHAOS v.5.0.1 allows a remote attacker to escalate privileges via the sendCommandHandler function in the handler.go component...

CHAOS RAT 5.0.1 Remote Command Execution

Exploit Title: CHAOS RAT v5.0.1 RCE Date: 2024-04-05 Exploit Author: @chebuya Software Link: https://github.com/tiagorlampert/CHAOS Version: v5.0.1 Tested on: Ubuntu 20.04 LTS CVE: CVE-2024-30850, CVE-2024-31839 Description: The CHAOS RAT web panel is vulnerable to command injection, which can be...

McAfee Agent 5.x prior to 5.7.3 Multiple Vulnerabilities (SB10362)

The version of McAfee Agent, formerly McAfee ePolicy Orchestrator ePO Agent, installed on the remote host is 5.x prior to 5.7.3. It is, therefore, affected by the following vulnerabilities: - An improper privilege management vulnerability exists due to a local user having the ability to edit the...

CVE-2021-31839

CVE-2021-31839 affects McAfee Agent for Windows prior to 5.7.3. The issue is an improper privilege management that lets a local user modify the MA event folder, enabling adding false events or removing events from logs before they are sent to the ePO server. Impact is limited to local privilege e...