259 matches found
XSScpl
XSScpl - Scanner Profissional de XSS Refletido O que é? XS...
CVE-2025-8417 Catalog Importer, Scraper & Crawler <= 5.1.4 - Unauthenticated PHP Code Injection
The Catalog Importer, Scraper & Crawler plugin for WordPress is vulnerable to PHP code injection in all versions up to, and including, 5.1.4. This is due to reliance on a guessable numeric token e.g. ?key= 900001705 without proper authentication, combined with the unsafe use of eval on...
CVE-2025-8417
CVE-2025-8417 affects the WordPress plugin Catalog Importer, Scraper & Crawler (versions
WordPress Catalog Importer, Scraper & Crawler plugin <= 5.1.4 - Unauthenticated PHP Code Injection vulnerability
Unauthenticated PHP Code Injection vulnerability discovered by CVEhunter in WordPress Plugin Catalog Importer, Scraper & Crawler versions = 5.1.4...
WordPress plugin Catalog Importer Scraper Crawler 代码注入漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A code injection vulnerability exists in...
Malicious code in phantomjs-crawler-demo (npm)
The package phantomjs-crawler-demo was found to contain malicious code...
MAL-2025-29114 Malicious code in phantomjs-crawler-demo (npm)
The package phantomjs-crawler-demo was found to contain malicious code...
漏洞扫描工具
This is a vulnerability scanning tool, which combines multiple network security techniques to automate vulnerability detection. The tool includes four core scanning technologies: SQL injection detection, XSS detection, path traversal detection, and sensitive information disclosure detection. It...
When Blockchain Meets Crawlers: Real-Time Market Analytics in Solana NFT Markets
In this paper, we design and implement a web crawler system based on the Solana blockchain for the automated collection and analysis of market data for popular non-fungible tokens NFTs on the chain. Firstly, the basic information and transaction data of popular NFTs on the Solana chain are...
Malicious code in miro-plugin-tag-crawler (npm)
The package communicates with a domain associated with malicious activity...
MAL-2025-4569 Malicious code in miro-plugin-tag-crawler (npm)
The package communicates with a domain associated with malicious activity...
CVE-2024-56361
LGSL Live Game Server List provides online status for games. Before 7.0.0, a stored cross-site scripting XSS vulnerability was identified in lgsl. The function lgslquery40 in lgslprotocol.php has implemented an HTTP crawler. This function makes a request to the registered game server, and upon...
CVE-2024-0243
With the following crawler configuration: python from bs4 import BeautifulSoup as Soup url = "https://example.com" loader = RecursiveUrlLoader url=url, maxdepth=2, extractor=lambda x: Soupx, "html.parser".text docs = loader.load An attacker in control of the contents of https://example.com could...
CVE-2022-40357
A security issue was discovered in Z-BlogPHP = 1.7.2. A Server-Side Request Forgery SSRF vulnerability in the zbusers/plugin/UEditor/php/actioncrawler.php file allows remote attackers to force the application to make arbitrary requests via injection of arbitrary URLs into the source parameter...
CVE-2021-32849
Gerapy is a distributed crawler management framework. Prior to version 0.9.9, an authenticated user could execute arbitrary commands. This issue is fixed in version 0.9.9. There are no known workarounds...
CVE-2025-46675
creationtimestamp| type| source ---|---|--- 2025-04-27 01:08:32+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/13593 2025-04-27 01:48:41+00:00| seen| https://infosec.exchange/users/cR0w/statuses/114407408963291150 2025-04-27 03:35:25+00:00| seen|...
Snorkeling in Dark Waters: a Longitudinal Surface Exploration of Unique Tor Hidden Services (Extended Version)
The Onion Router Tor is a controversial network whose utility is constantly under scrutiny. On the one hand, it allows for anonymous interaction and cooperation of users seeking untraceable navigation on the Internet. This freedom also attracts criminals who aim to thwart law enforcement...
CVE-2025-27600 FastGPT SSRF
FastGPT is a knowledge-based platform built on the LLMs. Since the web crawling plug-in does not perform intranet IP verification, an attacker can initiate an intranet IP request, causing the system to initiate a request through the intranet and potentially obtain some private data on the intrane...
FastGPT 代码问题漏洞
FastGPT is labring open source a large language model based on the open source knowledge base question and answer system. A code issue vulnerability exists in FastGPT versions prior to 4.9.0, which stems from the web crawler plugin not performing intranet IP validation, which could lead to the...
CVE-2025-22775
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in idiatech Catalog Importer, Scraper & Crawler intelligent-importer allows Reflected XSS.This issue affects Catalog Importer, Scraper & Crawler: from n/a through = 5.1.3...