58828 matches found
CVE-2025-34126
A path traversal vulnerability exists in RIPS Scanner version 0.54. The vulnerability allows remote attackers to read arbitrary files on the system with the privileges of the web server by sending crafted HTTP GET requests to the 'windows/code.php' script with a manipulated 'file' parameter. This...
CVE-2025-34126 RIPS Scanner v0.54 Path Traversal
A path traversal vulnerability exists in RIPS Scanner version 0.54. The vulnerability allows remote attackers to read arbitrary files on the system with the privileges of the web server by sending crafted HTTP GET requests to the 'windows/code.php' script with a manipulated 'file' parameter. This...
CVE-2025-34126
The connected sources confirm CVE-2025-34126 is a path-traversal flaw in RIPS Scanner v0.54 that allows remote attackers to read arbitrary files via the windows/code.php?file= parameter. Impact is information disclosure with network access and no privileges required per the CVSS data (AV:N/AC:L/P...
CVE-2025-34126 RIPS Scanner v0.54 Path Traversal
A path traversal vulnerability exists in RIPS Scanner version 0.54. The vulnerability allows remote attackers to read arbitrary files on the system with the privileges of the web server by sending crafted HTTP GET requests to the 'windows/code.php' script with a manipulated 'file' parameter. This...
CVE-2025-6043
The Malcure Malware Scanner — 1 Toolset for WordPress Malware Removal plugin for WordPress is vulnerable to Arbitrary File Deletion due to a missing capability check on the wpmrdeletefile function in all versions up to, and including, 17.0. This makes it possible for authenticated attackers, with...
CVE-2025-6043 Malcure Malware Scanner — #1 Toolset for WordPress Malware Removal <= 17.0 - Authenticated (Subscriber+) Arbitrary File Deletion
The Malcure Malware Scanner — 1 Toolset for WordPress Malware Removal plugin for WordPress is vulnerable to Arbitrary File Deletion due to a missing capability check on the wpmrdeletefile function in all versions up to, and including, 17.0. This makes it possible for authenticated attackers, with...
CVE-2025-6043 Malcure Malware Scanner — #1 Toolset for WordPress Malware Removal <= 17.0 - Authenticated (Subscriber+) Arbitrary File Deletion
The Malcure Malware Scanner — 1 Toolset for WordPress Malware Removal plugin for WordPress is vulnerable to Arbitrary File Deletion due to a missing capability check on the wpmrdeletefile function in all versions up to, and including, 17.0. This makes it possible for authenticated attackers, with...
CVE-2025-6043
CVE-2025-6043 affects the Malcure Malware Scanner — #1 Toolset for WordPress Malware Removal plugin up to version 16.8. The vulnerability is an authenticated Arbitrary File Deletion due to a missing capability check in wpmr_delete_file(), exploitable by subscribers and above, but only when advanc...
WordPress Malcure Malware Scanner plugin <= 17.0 - Authenticated (Subscriber+) Arbitrary File Deletion vulnerability
Authenticated Subscriber+ Arbitrary File Deletion vulnerability discovered by Arkadiusz Hydzik in WordPress Plugin Malcure Malware Scanner versions = 17.0...
PT-2025-29888 · Unknown · Rips Scanner
Name of the Vulnerable Software and Affected Versions: RIPS Scanner version 0.54 Description: A path traversal vulnerability exists that allows remote attackers to read arbitrary files on the system with the privileges of the web server. This is achieved by sending crafted HTTP GET requests to th...
WordPress plugin Malcure Malware Scanner 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plug-in. A security vulnerability...
PT-2025-29708 · WordPress · Malcure Malware Scanner — #1 Toolset For Wordpress Malware Removal
Name of the Vulnerable Software and Affected Versions: Malcure Malware Scanner — 1 Toolset for WordPress Malware Removal plugin for WordPress versions through 16.8 Description: The Malcure Malware Scanner — 1 Toolset for WordPress Malware Removal plugin for WordPress is vulnerable to Arbitrary Fi...
GraphQL Introspection Scanner
This module queries a GraphQL API Endpoint to retrieve schema data by using introspection, if it is enabled on the server. This module works on all GraphQL versions. Module Options msf use auxiliary/scanner/http/graphqlintrospectionscanner msf auxiliarygraphqlintrospectionscanner show actions...
Cisco Secure Endpoint Connector Installed (macOS)
Binary data ciscosecureendpointconnectormacinstalled.nbin...
OP-SEC Multi-Router Looking Glass Web Detection
Binary data op-secmrlgdetect.nbin...
Exploit for CVE-2025-34085
CVE-2025-34085 Multi-Target RCE Scanner Mass-exploitation s...
CVE-2025-48924 vulnerabilities
Vulnerabilities for packages: spdx-tools-java, solr, akhq, apache-nifi, nextflow, thingsboard, dependency-track, cassandra, keycloak-config-cli, infinispan, kserve-modelmesh, apache-tika, apicurio-registry, management-api-for-apache-cassandra-5.0, jenkins-plugin-manager, gradle, sonar-scanner-cli...
GHSA-J288-Q9X7-2F5V vulnerabilities
Vulnerabilities for packages: spdx-tools-java, solr, akhq, apache-nifi, nextflow, thingsboard, dependency-track, cassandra, keycloak-config-cli, infinispan, kserve-modelmesh, apache-tika, apicurio-registry, management-api-for-apache-cassandra-5.0, jenkins-plugin-manager, gradle, sonar-scanner-cli...
GHSA-J288-Q9X7-2F5V vulnerabilities
Vulnerabilities for packages: apache-nifi-registry, debezium-connector-spanner, confluent-kafka, management-api-for-apache-cassandra-5.0, tritonserver-backend-vllm, apache-hop-fips, spark-fips, kafka, apache-tika, gradle, apache-activemq-artemis, dependency-track, jenkins-plugin-manager, leininge...
CVE-2025-53653
Jenkins Aqua Security Scanner Plugin 3.2.8 and earlier stores Scanner Tokens for Aqua API unencrypted in job config.xml files on the Jenkins controller, where they can be viewed by users with Item/Extended Read permission or access to the Jenkins controller file system...