262 matches found
CVE-2026-26418
The CVE-2026-26418 entry affects Tata Consultancy Services Cognix Recon Client v3.0. The vulnerability is a missing authentication and authorization flaw in the web API, enabling remote attackers to access application functionality over the network without restriction. According to the provided m...
PT-2026-23478
Name of the Vulnerable Software and Affected Versions Tata Consultancy Services Cognix Recon Client version 3.0 Description A lack of proper authentication and authorization in the web API of Tata Consultancy Services Cognix Recon Client v3.0 enables remote attackers to access application...
Kestrel
Kestrel LLM-Assisted Bug Bounty Hunting Platform for Kali L...
gotham-recon
Documentation Complete du Systeme d'Agents CrewAI Guide t...
PT-2025-132: Server-side Request Forgery (SSRF) in OpenPDF
The vulnerability was identified in OpenPDF, versions 2.0.3. The discovered vulnerability allows an attacker craft arbitrary HTTP requests that the vulnerable server will send to both external services and internal network endpoints. By exploiting this, the attacker can exfiltrate sensitive data...
📄 dotCMS 24.04.24 Vulnerability Scanner
dotCMS version 24.04.24 advanced exploitation python scanning script that looks for local file inclusion, data exposure, SQL injection, and more. ============================================================================================================================================= | Title :...
Exploit for Deserialization of Untrusted Data in Facebook React
⚡ CVE-2025-55182 – Auto Exploit Toolkit Precision Engine...
CVE-2025-63551
MetInfo CMS, up to version 8.1, contains an SSRF flaw exploitable via XXE in its XML parsing logic. An attacker can craft a malicious XML entity that makes the server issue an HTTP request to an internal or external address, potentially enabling internal network reconnaissance, port scanning, or ...
EUVD-2018-13295
Malware in sbrugna...
EUVD-2021-16072
Malware in sbrugna...
CVE-2025-34225
Vasion Print formerly PrinterLogic Virtual Appliance Host prior to version 25.1.102 and Application prior to version 25.1.1413 VA/SaaS deployments contain a server-side request forgery SSRF vulnerability. The consolerelease directory is reachable from the internet without any authentication. Insi...
Exploit for Path Traversal in Igniterealtime Openfire
!Burp Suitehttps://img.shields.io/badge/Burp%20Suite-Pro%20E...
Linux Distros Unpatched Vulnerability : CVE-2018-20752
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Recon-ng before 4.9.5. Lack of validation in the modules/reporting/csv.py file allows CSV injection. More specifically, when a Twitte...
OSV-2025-589 Heap-buffer-overflow in isvcd_decode_recon_tfr_nmb_base_lyr
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=435086517 Crash type: Heap-buffer-overflow READ 1 Crash state: isvcddecoderecontfrnmbbaselyr isvcdparseinterslicedatacabac isvcdparsepslice...
Exploit for CVE-2007-6750
ReconScan The purpose of this project is to develop scripts that can be useful in the pentesting workflow, be it for VulnHub VMs, CTFs, hands-on certificates, or real-world targets. The project currently consists of two major components: a script invoking and aggregating the results of existing...
gimmePATz - GitHub Personal Access Token (PAT) Recon Tool 1.0.0
gimmePatz is a recon tool for GitHub PATs. Designed for bug bounty hunters, pentesters and red teams. gimmePatz will tell you what scopes a PAT has, and it will tell you what repositories or GitHub Organizations the PAT is attached to as well...
CVE-2021-41532
In Apache Ozone before 1.2.0, Recon HTTP endpoints provide access to OM, SCM and Datanode metadata. Due to a bug, any unauthenticated user can access the data from these endpoints...
CVE-2021-29461
Discord Recon Server is a bot that allows one to do one's reconnaissance process from one's Discord. A vulnerability in Discord Recon Server prior to 0.0.3 could be exploited to read internal files from the system and write files into the system resulting in remote code execution. This issue has...
CVE-2021-21433
Discord Recon Server is a bot that allows you to do your reconnaissance process from your Discord. Remote code execution in version 0.0.1 would allow remote users to execute commands on the server resulting in serious issues. This flaw is patched in 0.0.2...
X-Recon - A Utility For Detecting Webpage Inputs And Conducting XSS Scans
A utility for identifying web page inputs and conducting XSS scanning. Features: Subdomain Discovery: Retrieves relevant subdomains for the target website and consolidates them into a whitelist. These subdomains can be utilized during the scraping process. Site-wide Link Discovery: Collects all...