HAWKI 1.0.0-beta.1 XSS / File Overwrite / Session Fixation

SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Multiple vulnerabilities product: HAWKI Interaction Design Team at the University of Applied Sciences and Arts in Hildesheim/Germany vulnerable version: 1.0.0-beta.1,...

CVE-2024-4858

The Testimonial Carousel For Elementor plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'savetestimonialsoptioncallback' function in versions up to, and including, 10.2.0. This makes it possible for unauthenticated attackers to updat...

CVE-2024-4858 Testimonial Carousel For Elementor <= 10.2.0 - Missing Authorization to Limited Setting Update

The Testimonial Carousel For Elementor plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'savetestimonialsoptioncallback' function in versions up to, and including, 10.2.0. This makes it possible for unauthenticated attackers to updat...

CVE-2024-4858

CVE-2024-4858 affects the WordPress plugin Testimonial Carousel for Elementor (WordPress plugin). The vulnerability is due to a missing capability check in the function save_testimonials_option_callback, present in versions up to and including 10.2.0, enabling unauthenticated attackers to modify ...

PT-2024-33154 · Openai · Openai Api

Name of the Vulnerable Software and Affected Versions: The Testimonial Carousel For Elementor plugin for WordPress versions up to, and including, 10.2.0 Description: The issue is related to a missing capability check on the save testimonials option callback function, allowing unauthorized...

Galah - An LLM-powered Web Honeypot Using The OpenAI API

TL;DR: Galah /ɡəˈlɑː/ - pronounced 'guh-laa' is an LLM Large Language Model powered web honeypot, currently compatible with the OpenAI API, that is able to mimic various applications and dynamically respond to arbitrary HTTP requests. Description Named after the clever Australian parrot known for...

Attackgen - Cybersecurity Incident Response Testing Tool That Leverages The Power Of Large Language Models And The Comprehensive MITRE ATT&CK Framework

AttackGen is a cybersecurity incident response testing tool that leverages the power of large language models and the comprehensive MITRE ATT&CK framework. The tool generates tailored incident response scenarios based on user-selected threat actor groups and your organisation's details. Star the...

Pentest-Muse-Cli - AI Assistant Tailored For Cybersecurity Professionals

Pentest Muse is an AI assistant tailored for cybersecurity professionals. It can help penetration testers brainstorm ideas, write payloads, analyze code, and perform reconnaissance. It can also take actions, execute command line codes, and iteratively solve complex tasks. Pentest Muse Web App In...

ai.optfor:spring-openai-api (>=0.1 <=0.3.25), am.ik.s3:simple-s3-client (>=0.1.0 <=0.1.1) +3835 more potentially affected by CVE-2024-22259 via org.springframework:spring-web (>=6.0.0 <=6.0.17)

org.springframework:spring-web MAVEN version =6.0.0, =0.1, =0.1.0, =0.2.3, =0.2.3, =4.0.0, =1.5.0.RELEASE, =1.5.1.RELEASE, =1.5.0.RELEASE, =2.1.0.RELEASE, =1.5.0.RELEASE, =1.5.2.RELEASE - be.tomcools:rickroll-security-spring-boot-starter =3.1.1 -...

AiCEF - An AI-assisted cyber exercise content generation framework using named entity recognition

AiCEF is a tool implementing the accompanying framework 1 in order to harness the intelligence that is available from online resources, as well as threat groups' activities, arsenal eg. MITRE, to create relevant and timely cybersecurity exercise content. This way, we abstract the events from the...

GPT_Vuln-analyzer - Uses ChatGPT API And Python-Nmap Module To Use The GPT3 Model To Create Vulnerability Reports Based On Nmap Scan Data

This is a Proof Of Concept application that demostrates how AI can be used to generate accurate results for vulnerability analysis and also allows further utilization of the already super useful ChatGPT. Requirements Python 3.10 All the packages mentioned in the requirements.txt file OpenAi api...