63 matches found
ethical-hacking-security-labs
Ethical Hacking & Network Security Lab Portfolio A hands-on...
Grafana 3.0.1-7.0.1 - Server-Side Request Forgery
Grafana 3.0.1 through 7.0.1 is susceptible to server-side request forgery via the avatar feature, which can lead to remote code execution. Any unauthenticated user/client can make Grafana send HTTP requests to any URL and return its result. This can be used to gain information about the network...
VulnLinux-Exploitation
Lab 01: Vulnerable Linux Reconnaissance + Enumeration + Remote...
CVE-2026-11346
A Server-Side Request Forgery SSRF vulnerability in the custom process creation feature of linqi allows an authenticated attacker to probe internal network components. By crafting a specific process containing an HTTP Request component, an attacker can force the server to send arbitrary HTTP...
CVE-2026-10052
A flaw was found in the Quay config-tool's LDAP and SMTP validation functions. An attacker with config editor access can exploit these functions, which make outbound connections to user-supplied endpoints without proper IP or host filtering. This allows the attacker to perform internal network...
CVE-2026-10052
A flaw was found in the Quay config-tool's LDAP and SMTP validation functions. An attacker with config editor access can exploit these functions, which make outbound connections to user-supplied endpoints without proper IP or host filtering. This allows the attacker to perform internal network...
CVE-2026-10052
A flaw was found in the Quay config-tool's LDAP and SMTP validation functions. An attacker with config editor access can exploit these functions, which make outbound connections to user-supplied endpoints without proper IP or host filtering. This allows the attacker to perform internal network...
Movary 安全漏洞
Movary is a film review program developed by Lee Peuker personally. Versions of Movary prior to 0.71.1 contained security vulnerabilities. These vulnerabilities stemmed from the /settings/jellyfin/server-url-verify endpoint, which allowed user-controlled URLs to initiate server-side HTTP requests...
CVE-2026-34360
HAPI FHIR is a complete implementation of the HL7 FHIR standard for healthcare interoperability in Java. Prior to version 6.9.4, the /loadIG HTTP endpoint in the FHIR Validator HTTP service accepts a user-supplied URL via JSON body and makes server-side HTTP requests to it without any hostname,...
GHSA-FMFG-9G7C-3VQ7 ha-mcp OAuth 2.1 DCR mode enables network reconnaissance via an error oracle
Summary The ha-mcp OAuth consent form beta feature accepts a user-supplied haurl and makes a server-side HTTP request to haurl/api/config with no URL validation. An unauthenticated attacker can submit arbitrary URLs to perform internal network reconnaissance via an error oracle. Two additional co...
ha-mcp OAuth 2.1 DCR mode enables network reconnaissance via an error oracle
Summary The ha-mcp OAuth consent form beta feature accepts a user-supplied haurl and makes a server-side HTTP request to haurl/api/config with no URL validation. An unauthenticated attacker can submit arbitrary URLs to perform internal network reconnaissance via an error oracle. Two additional co...
CVE-2026-32111 ha-mcp OAuth 2.1 DCR mode enables network reconnaissance via an error oracle
ha-mcp is a Home Assistant MCP Server. Prior to 7.0.0, the ha-mcp OAuth consent form beta feature accepts a user-supplied haurl and makes a server-side HTTP request to haurl/api/config with no URL validation. An unauthenticated attacker can submit arbitrary URLs to perform internal network...
CVE-2026-32111 ha-mcp OAuth 2.1 DCR mode enables network reconnaissance via an error oracle
ha-mcp is a Home Assistant MCP Server. Prior to 7.0.0, the ha-mcp OAuth consent form beta feature accepts a user-supplied haurl and makes a server-side HTTP request to haurl/api/config with no URL validation. An unauthenticated attacker can submit arbitrary URLs to perform internal network...
Server-Side Request Forgery (SSRF)
local-deep-research is vulnerable to Server-Side Request ForgerySSRF. The vulnerability is due to the download service using raw requests.get without applying SSRF protections, which allows an attacker to submit malicious URLs to access internal services, cloud metadata endpoints, or perform...
Exploit for CVE-2017-0143
Cybersecurity Penetration Testing Project Project Overview...
Samba-smbd-3.x-4.x-Exploitation-using-Metasploit
Samba smbd 3.x–4.x Exploitation using Metasploit Project...
ethical-hacking-excersises
Exploitation Techniques – Course Exercises Repository Over...
CVE-2025-67743 Local Deep Research is Vulnerable to Server-Side Request Forgery (SSRF) in Download Service
Local Deep Research is an AI-powered research assistant for deep, iterative research. In versions from 1.3.0 to before 1.3.9, the download service downloadservice.py makes HTTP requests using raw requests.get without utilizing the application's SSRF protection saferequests.py. This can allow...
CVE-2025-67743 Local Deep Research is Vulnerable to Server-Side Request Forgery (SSRF) in Download Service
Local Deep Research is an AI-powered research assistant for deep, iterative research. In versions from 1.3.0 to before 1.3.9, the download service downloadservice.py makes HTTP requests using raw requests.get without utilizing the application's SSRF protection saferequests.py. This can allow...
Network-Vuln
🔍 Network Vulnerability Scanner !Pythonhttps://img.shiel...