74 matches found
CORScanner
CORS Exploiter Automated CORS misconfiguration scanner with...
web-pentest-tool
🛡️ AutoPenTest — Automated Penetration Testing Tool ⚠️ DI...
cyberops-security-suite
CyberOps Security Suite A comprehensive cybersecurity operati...
PySpector 跨站脚本漏洞
PySpector is a high-performance Python static security analysis framework developed by Tommaso Bona. Versions of PySpector 0.1.6 and earlier contained a cross-site scripting vulnerability. This vulnerability stemmed from a storage-based cross-site scripting mechanism in the HTML report generator,...
Stored XSS in PySpector HTML Report Generation leads to Javascript Code Execution
Summary PySpector versions = 0.1.6 are affected by a stored Cross-Site Scripting XSS vulnerability in the HTML report generator. When PySpector scans a Python file containing JavaScript payloads i.e. inside a string passed to eval , the flagged code snippet is interpolated into the HTML report...
CVE-2019-18932
log.c in Squid Analysis Report Generator sarg through 2.3.11 allows local privilege escalation. By default, it uses a fixed temporary directory /tmp/sarg. As the root user, sarg creates this directory or reuses an existing one in an insecure manner. An attacker can pre-create the directory, and...
EUVD-2017-1731
Malware in sbrugna...
EUVD-2008-7207
Malware in sbrugna...
EUVD-2019-8605
Malware in sbrugna...
EUVD-2020-30230
Malware in sbrugna...
EUVD-2008-1177
Malware in sbrugna...
EUVD-2008-7206
Malware in sbrugna...
CVE-2024-0720
A vulnerability, which was classified as problematic, was found in FactoMineR FactoInvestigate up to 1.9. Affected is an unknown function of the component HTML Report Generator. The manipulation leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been...
CVE-2019-19909
An issue was discovered in Public Knowledge Project PKP pkp-lib before 3.1.2-2, as used in Open Journal Systems OJS before 3.1.2-2. Code injection can occur in the OJS report generator if an authenticated Journal Manager user visits a crafted URL, because unserialize is used...
CVE-2008-7250
Cross-site scripting XSS vulnerability in Squid Analysis Report Generator Sarg 2.2.4 allows remote attackers to inject arbitrary web script or HTML via a JavaScript onload event in the User-Agent header, which is not properly handled when displaying the Squid proxy log. NOTE: this issue exists...
CVE-2025-23044
PwnDoc (pwndoc) is affected by a CSRF vulnerability due to missing protection and SameSite cookies, enabling cross-site requests on behalf of authenticated users. The issue is associated with the project commit 14acb704891245bf1703ce6296d62112e85aa995, which patches the vulnerability. Public desc...
CVE-2024-55653
CVE-2024-55653 affects the PwnDoc open-source tool, with versions up to and including 0.5.3. The root issue is an authentication-bypassable path that can raise an UnhandledPromiseRejection on audits, causing the backend to crash. This makes the entire application unresponsive and unusable for all...
Ease the Burden with AI-Driven Threat Intelligence Reporting
Learn about critical threats that can impact your organization and the bad actors behind them from Cybersixgill's threat experts. Each story shines a light on underground activities, the threat actors involved, and why you should care, along with what you can do to mitigate risk. Cybersecurity...
CVE-2024-0720
A vulnerability, which was classified as problematic, was found in FactoMineR FactoInvestigate up to 1.9. Affected is an unknown function of the component HTML Report Generator. The manipulation leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been...
CVE-2024-0720
A vulnerability, which was classified as problematic, was found in FactoMineR FactoInvestigate up to 1.9. Affected is an unknown function of the component HTML Report Generator. The manipulation leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been...