Lucene search
+L

2886 matches found

Gitee
Gitee
added 2025/08/09 11:2 p.m.90 views

commix

This is an automated all-in-one OS command injection exploitation tool. It is designed to automate the detection and exploitation of command injection vulnerabilities. The tool is written in Python and is available on GitHub under the GPLv3 license. It can be installed by cloning the official Git...

8.2AI score
Exploits0
Positive Technologies
Positive Technologies
added 2025/08/05 12:0 a.m.3 views

PT-2025-32003 · Fiber · Fiber

Name of the Vulnerable Software and Affected Versions: Fiber versions 2.52.8 and below Description: Fiber is an Express inspired web framework written in Go. When using Fiber's Ctx.BodyParser to parse form data containing a large numeric key that represents a slice index e.g., test.18446744073704...

8.7CVSS6.5AI score0.00355EPSS
Exploits0References11
GithubExploit
GithubExploit
added 2025/08/04 11:39 p.m.95 views

PoC_Vuldb

It is an offensive tool for web applications. The repository app...

7.3AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2025/07/30 12:0 a.m.13 views

The vulnerability of the resize() and text() methods of the ImageMagick framework, which are used for developing web systems and CodeIgniter applications, allows attackers to load arbitrary files.

The vulnerability of the resize and text methods of the ImageMagick framework used for developing web systems and CodeIgniter applications relates to the lack of measures taken to neutralize special elements used in the operating system command line. Exploiting this vulnerability allows a remote...

10CVSS6AI score0.01495EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2025/07/29 1:38 p.m.5 views

RLSA-2025:8844 Important: mod_security security update

ModSecurity is an open source intrusion detection and prevention engine for web applications. Security Fixes: modsecurity: ModSecurity Has Possible DoS Vulnerability CVE-2025-47947 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related...

7.5CVSS6.8AI score0.00586EPSS
Exploits1References2
Gitee
Gitee
added 2025/07/27 4:45 a.m.86 views

Dictionary-Of-Pentesting

This repository is an offensive tool for bug bounty hunting and penetration testing, specifically a dictionary collection project for various types of attacks, including Pentesing, Fuzzing, Bruteforce, and BugBounty. The primary target product/service is not explicitly stated, but the repository...

6.6AI score
Exploits0
Gitee
Gitee
added 2025/07/27 4:3 a.m.109 views

command-injection-payload-list

It is an offensive tool for web application security. The primary CVE ID is not explicitly mentioned, but the description pertains to OS command injection vulnerabilities. The target product/service is web applications, and the vulnerability class/vector is OS command injection. Notable...

7.7AI score
Exploits0
Positive Technologies
Positive Technologies
added 2025/07/20 12:0 a.m.6 views

PT-2025-30201 · Unknown · Enterprise Web Applications

Name of the Vulnerable Software and Affected Versions: Enterprise Web Applications affected versions not specified Description: The software contains a Server-Side Request Forgery SSRF flaw. This issue allows an attacker to potentially make requests on behalf of the server, potentially accessing...

8.6CVSS6.1AI score0.00242EPSS
Exploits0References6
CVE
CVE
added 2025/07/11 12:0 a.m.25 views

CVE-2023-38327

The CVE-2023-38327 issue affects eGroupWare version 17.1.20190111. Affected component is the calendar/freebusy.php endpoint, where an unauthenticated remote attacker can enumerate web application users based on server response. The vulnerability is a user enumeration flaw with a CVSS v3.1 base sc...

5.3CVSS7.3AI score0.00301EPSS
Exploits0References1Affected Software1
Github Security Blog
Github Security Blog
added 2025/07/10 5:38 p.m.7 views

Modeling CORS frameworks with CodeQL to find security vulnerabilities

There are many different types of vulnerabilities that can occur when setting up CORS for your web application, and insecure usage of CORS frameworks and logic errors in homemade CORS implementations can lead to serious security vulnerabilities that allow attackers to bypass authentication. What'...

7.8AI score
Exploits0
GithubExploit
GithubExploit
added 2025/07/02 7:58 a.m.88 views

CVE-Issues

It is an offensive tool for web applications. The repository app...

8.3AI score
Exploits0
Positive Technologies
Positive Technologies
added 2025/07/02 12:0 a.m.6 views

PT-2025-27593 · WordPress · Amazon Products To Woocommerce

Name of the Vulnerable Software and Affected Versions: Amazon Products to WooCommerce plugin for WordPress versions prior to 1.2.8 Description: The issue allows unauthenticated attackers to make web requests to arbitrary locations originating from the web application. This can be used to query an...

7.2CVSS6.4AI score0.00223EPSS
Exploits0References5
NVD
NVD
added 2025/06/30 11:15 a.m.7 views

CVE-2025-40710

Host Header Injection HHI vulnerability in the Hotspot Shield VPN client, which can induce unexpected behaviour when accessing third-party web applications through the VPN tunnel. Although such applications do not present this vulnerability per se, the use of the tunnel, together with a forged Ho...

2.3CVSS0.00269EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2025/06/26 12:0 a.m.4 views

RHEL 8 : mod_security (RHSA-2025:8674)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:8674 advisory. ModSecurity is an open source intrusion detection and prevention engine for web applications. Security Fixes: modsecurity: ModSecurity Has Possible D...

7.5CVSS7.9AI score0.00586EPSS
Exploits1References4
Fedora
Fedora
added 2025/06/25 1:43 a.m.9 views

[SECURITY] Fedora 41 Update: dotnet8.0-8.0.117-1.fc41

.NET is a fast, lightweight and modular platform for creating cross platform applications that work on Linux, macOS and Windows. It particularly focuses on creating console applications, web applications and micro-services. .NET contains a runtime conforming to .NET Standards a set of framework...

7.1AI score
Exploits0
RedHat Linux
RedHat Linux
added 2025/06/11 9:36 p.m.16 views

Important: Red Hat Security Advisory: mod_security security update

An update for modsecurity is now available for Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

7.5CVSS7.4AI score0.00586EPSS
Exploits1References2
AlmaLinux
AlmaLinux
added 2025/06/11 12:0 a.m.18 views

Important: mod_security security update

ModSecurity is an open source intrusion detection and prevention engine for web applications. Security Fixes: modsecurity: ModSecurity Has Possible DoS Vulnerability CVE-2025-47947 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related...

7.5CVSS7.2AI score0.00586EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2025/06/09 1:54 p.m.11 views

Important: Red Hat Security Advisory: mod_security security update

An update for modsecurity is now available for Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions and Red Hat Enterprise Linux 8.8 Telecommunications Update Service. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring...

7.5CVSS7.4AI score0.00586EPSS
Exploits1References2
RedHat Linux
RedHat Linux
added 2025/06/09 1:43 a.m.15 views

Important: Red Hat Security Advisory: mod_security security update

An update for modsecurity is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available...

7.5CVSS7.4AI score0.00586EPSS
Exploits1References2
Fedora
Fedora
added 2025/06/07 5:43 a.m.9 views

[SECURITY] Fedora 41 Update: mod_security-2.9.9-1.fc41

ModSecurity is an open source intrusion detection and prevention engine for web applications. It operates embedded into the web server, acting as a powerful umbrella - shielding web applications from attacks...

7.5CVSS7.3AI score0.00586EPSS
Exploits1
Rows per page
Query Builder