21 matches found
Exploit for SQL Injection in Litellm
CVE-2026-42208 — LiteLLM SQL Injection Scanner 🤖 Detects SQL...
Web-Application-Vulnerability-Scanner
Web-Application-Vulnerability-Scanner Developed a Python-...
CORScanner
CORS Exploiter Automated CORS misconfiguration scanner with...
CVE-2025-52024
A vulnerability exists in the Aptsys POS Platform Web Services module thru 2025-05-28, which exposes internal API testing tools to unauthenticated users. By accessing specific URLs, an attacker is presented with a directory-style index listing all available backend services and POS web services,...
XSSREFLECTOR
XSS Reflector XSS Reflector is an automated tool for...
Exploit for Authentication Bypass Using an Alternate Path or Channel in Connectwise Screenconnect
ScreenConnect CVE-2024-1709 Exploit Tool A Python tool to che...
CVE-2022-29316
Complete Online Job Search System v1.0 was discovered to contain a SQL injection vulnerability via /eris/index.php?q=result=advancesearch...
Scaling Dynamic Application Security Testing (DAST)
Introduction Microsoft engineering teams use the Security Development Lifecycle to ensure our products are built in alignment with Microsoft’s Secure Future Initiative security principles: Secure by Design, Secure by Default, and Secure Operations. A key component of the Security Development...
PT-2024-26108 · Sap · Sap Business Workflow
Name of the Vulnerable Software and Affected Versions: SAP Business Workflow affected versions not specified Description: The issue allows an authenticated attacker to enumerate accessible HTTP endpoints in the internal network by specially crafting HTTP requests, potentially resulting in...
GAP-Burp-Extension - Burp Extension To Find Potential Endpoints, Parameters, And Generate A Custom Target Wordlist
This is an evolution of the original getAllParams extension for Burp. Not only does it find more potential parameters for you to investigate, but it also finds potential links to try these parameters on, and produces a target specific wordlist to use for fuzzing. The full Help documentation can b...
Moxa EDS Ethernet Switches Uncontrolled Resource Consumption (CVE-2019-19707)
On Moxa EDS-G508E, EDS-G512E, and EDS-G516E devices with firmware through 6.0, denial of service can occur via PROFINET DCE-RPC endpoint discovery packets. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information.
Metlo - An Open-Source API Security Platform
Secure Your API. Metlo is an open-source API security platform. With Metlo you can: Create an Inventory of all your API Endpoints and Sensitive Data. Detect common API vulnerabilities. Proactively test your APIs before they go into production. Detect API attacks in real time. Metlo does this by...
xnLinkFinder - A Python Tool Used To Discover Endpoints (And Potential Parameters) For A Given Target
About - v2.0 This is a tool used to discover endpoints and potential parameters for a given target. It can find them by: crawling a target (pass a domain/URL); crawling multiple targets (pass a file of domains/URLs); searching files in a given directory (pass a directory name); get them from a Burp projec...
envoy: Segfault in GrpcHealthCheckerImpl
A flaw was found in Envoy. This flaw allows an attacker who controls an upstream host and also controls service discovery of that host via DNS, the EDS API, etc. to crash Envoy by forcing the removal of the host from service discovery and then failing the gRPC health check request. This issue...
CVE-2021-25847
Improper validation of the length field of LLDP-MED TLV in userdisk/vportlldpd in Moxa Camera VPort 06EC-2V Series, version 1.1, allows information disclosure to attackers due to controllable loop counter variable via a crafted lldp packet...
etcd: no authentication is performed against endpoints provided in the --endpoints flag
A flaw was found in etcd. The gateway TLS authentication is only applied to endpoints detected in DNS SRV records. When starting a gateway, TLS authentication will only be attempted on endpoints identified in DNS SRV records for a given domain, which occurs in the discoverEndpoints function. No...
CWFF - Create Your Custom Wordlist For Fuzzing
CWFF is a tool that creates a special High quality fuzzing/content discovery wordlist for you at the highest speed possible using concurrency and it's heavily inspired by @tomnomnom's Who, What, Where, When, Wordlist NahamCon2020. Usage CWFF -h --threads --github --subdomains --recursive...
CVE-2019-19707
On Moxa EDS-G508E, EDS-G512E, and EDS-G516E devices with firmware through 6.0, denial of service can occur via PROFINET DCE-RPC endpoint discovery packets...
CVE-2019-19707
CVE-2019-19707 affects Moxa EDS-G508E, EDS-G512E, and EDS-G516E Ethernet Switches (firmware up to 6.0). The issue enables denial-of-service via PROFINET DCE-RPC endpoint discovery packets, stemming from uncontrolled resource consumption. Impact is DoS on affected devices, potentially taking them ...