Lucene search
K

7782 matches found

Nuclei
Nuclei
added 14 hours ago54 views

Sony IPELA Engine IP Camera - Hardcoded Account

Multiple SONY network cameras are vulnerable to sensitive information disclosure via hardcoded credentials. id: CVE-2016-7834 info: name: Sony IPELA Engine IP Camera - Hardcoded Account author: af001 severity: high description: | Multiple SONY network cameras are vulnerable to sensitive informati...

8.8CVSS7AI score0.03901EPSS
Exploits0References5
Nuclei
Nuclei
added 14 hours ago22 views

WordPress Product Slider Pro for WooCommerce < 3.5.4 - Supply Chain Backdoor RCE

Improper Validation of Specified Quantity in Input vulnerability in ShapedPlugin, LLC Product Slider Pro for WooCommerce allows Malicious Software Implanted. This issue affects Product Slider Pro for WooCommerce: from n/a before 3.5.4. id: CVE-2026-49777 info: name: WordPress Product Slider Pro f...

10CVSS6.1AI score0.01656EPSS
Exploits3References3
Nuclei
Nuclei
added 14 hours ago19 views

KevinLAB BEMS (Building Energy Management System) - Backdoor Account

KevinLAB BEMS has an undocumented backdoor account, and these sets of credentials are never exposed to the end-user and cannot be changed through any normal operation of the solution through the RMI. An attacker could exploit this vulnerability by logging in using the backdoor account with highes...

9CVSS6.9AI score0.06719EPSS
Exploits2References2
Nuclei
Nuclei
added 14 hours ago16 views

FatPipe WARP/IPVPN/MPVPN - Backdoor Account

FatPipe WARP, IPVPN, and MPVPN software prior to versions 10.1.2r60p91 and 10.2.2r42 contain an account named "cmuser" with administrative privileges and no password, letting attackers gain unauthorized admin access, exploit requires no authentication. id: CVE-2021-27856 info: name: FatPipe...

9.8CVSS7AI score0.05598EPSS
Exploits1References4
Nuclei
Nuclei
added 14 hours ago51 views

Ruckus vRioT IoT Controller - Authentication Bypass

Ruckus vRioT through 1.5.1.0.21 contains an API backdoor caused by a hardcoded token in validatetoken.py,letting unauthenticated attackers interact with the API without authentication. id: CVE-2020-26879 info: name: Ruckus vRioT IoT Controller - Authentication Bypass author: DhiyaneshDk severity:...

10CVSS7AI score0.42479EPSS
Exploits1References6
Nuclei
Nuclei
added 14 hours ago101 views

The School Management < 9.9.7 - Remote Code Execution

The School Management plugin before version 9.9.7 contains an obfuscated backdoor injected in it's license checking code that registers a REST API handler, allowing an unauthenticated attacker to execute arbitrary PHP code on the site. id: CVE-2022-1609 info: name: The School Management 9.9.7 -...

9.8CVSS7.4AI score0.64321EPSS
Exploits6References5
OSSF Malicious Packages
OSSF Malicious Packages
added yesterday4 views

Malicious code in node-fsmetrics-native (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9958558a30dea32a3b0fc2e48bb775433e1f12b339030a8d21872ad058bc28ff On require, index.js hex-decodes the URL http://152.53.120.90/cmd and starts a background loop that polls /cmd/commands, executes returned strings vi...

6.1AI score
Exploits0References2
OSV
OSV
added yesterday3 views

MAL-2026-10480 Malicious code in node-fsmetrics-native (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9958558a30dea32a3b0fc2e48bb775433e1f12b339030a8d21872ad058bc28ff On require, index.js hex-decodes the URL http://152.53.120.90/cmd and starts a background loop that polls /cmd/commands, executes returned strings vi...

6.1AI score
Exploits0References2
Nuclei
Nuclei
added 3 days ago29 views

D-Link Network Attached Storage - Backdoor Account

A vulnerability, which was classified as very critical, has been found in D-Link DNS-320L, DNS-325, DNS-327L and DNS-340L up to 20240403. This issue affects some unknown processing of the file /cgi-bin/nassharing.cgi of the component HTTP GET Request Handler. The manipulation of the argument user...

10CVSS6.9AI score0.98038EPSS
Exploits2References2
Metasploit
Metasploit
added 4 days ago21 views

FTP Fetch, Windows Command Shell, Reverse All-Port TCP Stager

Fetch and execute an x86 payload from an FTP server. Spawn a piped command shell staged. Try to connect back to the attacker, on all possible ports 1-65535, slowly Module Options msf use payload/cmd/windows/ftp/x86/shell/reversetcpallports msf payloadreversetcpallports show actions ...actions...

6.2AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 4 days ago7 views

Malicious code in stella-coder (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f0c3ed879ef15a68d537ad7b6ddb59508aba58eee49c8ca19b916ef59a0c2da6 stella-cli/telegram-bot.mjs hardcodes a Telegram bot API token BOTTOKEN = "8923551485:AAFw4wG8ZwOtp5rzFsnguxhu4AH-2ebSi0" that is controlled by the...

6.2AI score
Exploits0References11
NVD
NVD
added 4 days ago8 views

CVE-2026-12685

The EscortWP escortwp WordPress theme through 3.6.2 was distributed with a vendor-authored, obfuscated backdoor that lets an unauthenticated attacker who supplies a hard-coded, per-build key permanently delete all of the site's content, and that covertly transmits the site URL, administrator emai...

7.5CVSS0.00222EPSS
Exploits0References1
CVE
CVE
added 4 days ago9 views

CVE-2026-12685

The CVE describes a backdoor in the EscortWP escortwp WordPress theme up to version 3.6.2. The backdoor is vendor-authored and obfuscated, allowing an unauthenticated attacker who supplies a hard-coded per-build key to permanently delete all site content. It also covertly transmits the site URL, ...

7.5CVSS5.8AI score0.00222EPSS
Exploits0References1
EUVD
EUVD
added 4 days ago6 views

EUVD-2026-42830

The EscortWP escortwp WordPress theme through 3.6.2 was distributed with a vendor-authored, obfuscated backdoor that lets an unauthenticated attacker who supplies a hard-coded, per-build key permanently delete all of the site's content, and that covertly transmits the site URL, administrator emai...

7.5CVSS6AI score0.00222EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 4 days ago7 views

CVE-2026-12685

The EscortWP escortwp WordPress theme through 3.6.2 was distributed with a vendor-authored, obfuscated backdoor that lets an unauthenticated attacker who supplies a hard-coded, per-build key permanently delete all of the site's content, and that covertly transmits the site URL, administrator emai...

7.5CVSS6AI score0.00222EPSS
Exploits0References1
Microsoft Secure
Microsoft Secure
added 5 days ago17 views

GigaWiper: Anatomy of a destructive backdoor assembled from multiple malware

In this article 1. A wiper inside a backdoor 2. Backdoor capabilities 3. How GigaWiper was assembled 4. Conclusion: Multiple destructive capabilities consolidated into a single implant 5. Defending against destructive threats 6. Microsoft Defender detections 7. Indicators of compromise In October...

6.4AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 6 days ago11 views

Malicious code in paperclip-adapter-helpers (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d49d1a6c5381f58370cbfedc2321bd44796eb4ea79541d967a661760d9759801 [email protected] executes a credential-theft and C2 backdoor automatically on import. The package's main re-exports...

6.1AI score
Exploits0References15
NVD
NVD
added 6 days ago8 views

CVE-2026-58656

Grav API plugin before v1.0.0-rc.16 accepts JWT tokens via the ?token= URL query parameter and responds with Access-Control-Allow-Origin: , allowing unauthenticated attackers to make fully authenticated cross-origin API requests from any malicious website. Attackers who obtain a leaked JWT token...

8.7CVSS0.00271EPSS
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/07/07 4:19 p.m.10 views

Malicious code in whs4_npm (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 47695d571fe82fbb4402e8cc7f56c05e1cb21d0bc8089ccbd8fca32f8cf5a57c The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...

5.9AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/07/07 3:13 p.m.9 views

Malicious code in jsf-utils (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f6a2a0bbd4939a789673bdca08866c9be58dd361df175695e7f8c1141bed4e47 On require'jsf-utils', lib/string/pathcase.js runs a top-level async IIFE that fetches a JavaScript payload from https://jsonkeeper.com/b/BPB86 and...

6.1AI score
Exploits0References3
Rows per page
Query Builder