7191 matches found
CVE-2016-10977
The nelio-ab-testing plugin before 4.5.0 for WordPress has filename=..%2f directory traversal...
CVE-2016-10927
The nelio-ab-testing plugin before 4.5.11 for WordPress has SSRF in ajax/iesupport.php...
CVE-2017-18547
The nelio-ab-testing plugin before 4.6.4 for WordPress has CSRF in experiment forms...
CVE-2019-2727
Vulnerability in the Oracle Application Testing Suite component of Oracle Enterprise Manager Products Suite subcomponent: Load Testing for Web Apps. The supported version that is affected is 13.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to...
CVE-2023-40719
A use of hard-coded credentials vulnerability in Fortinet FortiAnalyzer and FortiManager 7.0.0 - 7.0.8, 7.2.0 - 7.2.3 and 7.4.0 allows an attacker to access Fortinet private testing data via the use of static credentials...
CVE-2023-25573
metersphere is an open source continuous testing platform. In affected versions an improper access control vulnerability exists in /api/jmeter/download/files, which allows any user to download any file without authentication. This issue may expose all files available to the running process. This...
CVE-2025-23789
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in tahminajannat URL Shortener | Conversion Tracking | AB Testing | WooCommerce easy-broken-link-checker allows Reflected XSS. This issue affects URL Shortener | Conversion Tracking | AB Testing |...
Cybersecurity AI: A Game-Theoretic AI for Guiding Attack and Defense
AI-driven penetration testing now executes thousands of actions per hour but still lacks the strategic intuition humans apply in competitive security. To build cybersecurity superintelligence -- Cybersecurity AI exceeding best human capability -- such strategic intuition must be embedded into agentic...
Exploit for Deserialization of Untrusted Data in Facebook React
CVE-2025-55182 React2Shell - Proof of Concept ⚠️ SECURIT...
Penetration-testing-toolkit
Python Penetration Testing Toolkit A Python-based penetration t...
Exploit for CVE-2024-45427
CVE-2024-45427 Exploit Generator This script generates a malic...
CVE-2025-1857
A vulnerability classified as critical has been found in PHPGurukul Nipah Virus Testing Management System 1.0. This affects an unknown part of the file /checkavailability.php. The manipulation of the argument employeeid leads to sql injection. It is possible to initiate the attack remotely. The...
What Is Security Controls Validation? An Essential Guide
You wouldn’t wait for a real fire to find out if your smoke detectors work or if your team knows the evacuation route. You run fire drills. So why would you wait for a real cyberattack to test your security defenses? This is the simple, powerful idea behind security controls validation. It’s the...
Malicious code in pycolorom (PyPI)
Source: kam193 6babcee81c12759b66be4c0a8ba33c3f0272b052a47fda31227f4a6087ba8e5b The package, distinguished as a speed testing or typosquatted Telegram library, contains a Telegram bot to perform remote control of the computer --- Category:...
payload-labkit
payload-labkit Greetings, security practitioners! Here are three lists...
Grok apologizes for creating image of young girls in “sexualized attire”
Another AI system designed to be powerful and engaging ends up illustrating how guardrails routinely fail when development speed and feature races outrun safety controls. In a post on X, AI chatbot Grok confirmed that it generated an image of young girls in “sexualized attire.” The potential...
Exploit for Deserialization of Untrusted Data in Facebook React
🔍 Next.js Security Testing Tool Professiona...
MAL-2026-42 Malicious code in pyrogrom (PyPI)
Source: kam193 ef643052c84683fba662eaded2786ba6fa993e69224608070ad949d4f3d0c3e4 The package, distinguished as a speed testing or typosquatted Telegram library, contains a Telegram bot to perform remote control of the computer --- Category:...
Malicious code in pyrogrom (PyPI)
Source: kam193 ef643052c84683fba662eaded2786ba6fa993e69224608070ad949d4f3d0c3e4 The package, distinguished as a speed testing or typosquatted Telegram library, contains a Telegram bot to perform remote control of the computer --- Category:...