PT-2026-36132

A Server-Side Request Forgery SSRF in the /ureport/datasource/testConnection endpoint of SpringBlade v4.8.0 allows authenticated attackers to scan internal resources via a crafted GET request...

CVE-2025-58441 Knowage is vulnerable to blind server-side request forgery (SSRF)

Knowage is an open source analytics and business intelligence suite. Prior to version 8.1.37, there is a blind server-side request forgery vulnerability. The vulnerability allows attackers to send requests to arbitrary hosts/paths. Since the attacker is not able to read the response, the impact o...

S3Crets_Scanner - Hunting For Secrets Uploaded To Public S3 Buckets

S3cret Scanner tool designed to provide a complementary layer for the Amazon S3 Security Best Practices by proactively hunting secrets in public S3 buckets. Can be executed as scheduled task or On-Demand Automation workflow The automation will perform the following actions: 1. List the public...

Apache mod_proxy Reverse Proxy Exposure Vulnerability PoC

Exploit for multiple platform in category remote exploits !/usr/bin/env python import socket import string import getopt, sys knownports = 0,21,22,23,25,53,69,80,110,137,139,443,445,3306,3389,5432,5900,8080 def sendrequesturl, apachetarget, apacheport, internaltarget, internalport, resource: get ...

PT-2010-3299 · Squirrelmail +1 · Squirrelmail +1

Name of the Vulnerable Software and Affected Versions: SquirrelMail versions 1.4.20 and earlier Description: The issue allows remote authenticated users to bypass firewall restrictions and use SquirrelMail as a proxy to scan internal networks via a modified POP3 port number. This is made possible...