975 matches found
Modular DS - Broken Access Control
Modular DS = 2.5.1 contains a broken access control vulnerability caused by incorrect privilege assignment, letting attackers escalate their privileges, exploit requires no special conditions. id: CVE-2026-23550 info: name: Modular DS - Broken Access Control author: DhiyaneshDk severity: high...
CVE-2026-25510
CI4MS is a CodeIgniter 4-based CMS skeleton that delivers a production-ready, modular architecture with RBAC authorization and theme support. Prior to version 0.28.5.0, an authenticated user with file editor permissions can achieve Remote Code Execution RCE by leveraging the file creation and sav...
EUVD-2026-5163
CI4MS is a CodeIgniter 4-based CMS skeleton that delivers a production-ready, modular architecture with RBAC authorization and theme support. Prior to version 0.28.5.0, the authentication implementation in CI4MS is vulnerable to email enumeration. An unauthenticated attacker can determine whether...
Exploit for Improper Input Validation in Boa Boa_Webserver
BOA Router Exploit Framework !Python Versionhttps://img...
nightfury
NightFury Framework Version 2.0 | Professional Red Team Ope...
PIDSMaker: Building and Evaluating Provenance-Based Intrusion Detection Systems
Recent provenance-based intrusion detection systems PIDSs have demonstrated strong potential for detecting advanced persistent threats APTs by applying machine learning to system provenance graphs. However, evaluating and comparing PIDSs remains difficult: prior work uses inconsistent preprocessi...
📄 Metasploit Web Delivery PHP Proof of Concept
This project presents an advanced proof of concept that emulates the behavior of Metasploit's multi/script/webdelivery module using PHP. The goal is to demonstrate how script-based payload delivery works in a modular and extensible way, without relying directly on Metasploit. The script launches ...
CVE-2026-23800
Incorrect Privilege Assignment vulnerability in Modular DS modular-connector allows Privilege Escalation.This issue affects Modular DS: from 2.5.2 before 2.6.0...
CVE-2026-23800
Incorrect Privilege Assignment vulnerability in Modular DS modular-connector allows Privilege Escalation.This issue affects Modular DS: from 2.5.2 before 2.6.0...
CVE-2026-23800 WordPress Modular DS plugin <= 2.5.2 - Privilege Escalation vulnerability
Incorrect Privilege Assignment vulnerability in Modular DS modular-connector allows Privilege Escalation.This issue affects Modular DS: from 2.5.2 before 2.6.0...
CVE-2026-23800
CVE-2026-23800 concerns the Modular DS modular-connector in WordPress Modular DS plugin versions 2.5.2 up to 2.5.9, where an incorrect privilege assignment could enable privilege escalation. Multiple sources (NVD, Red Hat, CVE list, vuln enrichment) confirm the issue and scope: affected product i...
CVE-2026-23800 WordPress Modular DS plugin <= 2.5.2 - Privilege Escalation vulnerability
Incorrect Privilege Assignment vulnerability in Modular DS modular-connector allows Privilege Escalation.This issue affects Modular DS: from 2.5.2 before 2.6.0...
CVE-2026-23800
Incorrect Privilege Assignment vulnerability in Modular DS modular-connector allows Privilege Escalation.This issue affects Modular DS: from 2.5.2 before 2.6.0...
WordPress Modular DS plugin <= 2.5.2 - Privilege Escalation vulnerability
Privilege Escalation vulnerability discovered by Dave Jong Patchstack in WordPress Plugin Modular DS versions 2.5.2...
PT-2026-3323
Name of the Vulnerable Software and Affected Versions Modular DS versions 2.5.2 through 2.5.9 Description An incorrect privilege assignment exists in the Modular DS modular-connector component, potentially allowing for privilege escalation. The issue allows an attacker to gain elevated privileges...
VulnCheck KEV: CVE-2026-23800
Incorrect Privilege Assignment vulnerability in Modular DS modular-connector allows Privilege Escalation.This issue affects Modular DS: from 2.5.2 before 2.6.0...
WordPress plugin Modular DS modular-connector has a security vulnerability
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...
Exploit for CVE-2026-23550
CYBERDUDEBIVASH Modular DS CVE-2026-23550 Detector Overvie...
Critical WordPress Modular DS Plugin Flaw Actively Exploited to Gain Admin Access
A maximum-severity security flaw in a WordPress plugin called Modular DS has come under active exploitation in the wild, according to Patchstack. The vulnerability, tracked as CVE-2026-23550 CVSS score: 10.0, has been described as a case of unauthenticated privilege escalation impacting all...
CVE-2026-23550
Incorrect Privilege Assignment vulnerability in Modular DS Modular DS modular-connector allows Privilege Escalation.This issue affects Modular DS: from n/a through = 2.5.1...