97 matches found

EUVD
added 2025/10/07 12:30 a.m. | 5 views

EUVD-2013-0929

Malware in sbrugna...

CVSS 6.8 | AI score 6.1 | EPSS 0.00748
Exploits: 0 | References: 4

GithubExploit
added 2025/09/13 10:29 a.m. | 397 views

hackingtool-v5.1

All in One Hacking tool For Hackers 🥇 ...

AI score 7.4
Exploits: 0

NVD
added 2025/09/11 2:15 p.m. | 21 views

CVE-2025-10193

DNS rebinding vulnerability in Neo4j Cypher MCP server allows malicious websites to bypass Same-Origin Policy protections and execute unauthorised tool invocations against locally running Neo4j MCP instances. The attack relies on the user being enticed to visit a malicious website and spend...

CVSS 7.4 | EPSS 0.00206
Exploits: 0 | References: 3

OSV
added 2025/08/29 4:15 p.m. | 2 views

CVE-2025-47909

Hosts listed in TrustedOrigins implicitly allow requests from the corresponding HTTP origins, allowing network MitMs to perform CSRF attacks. After the CVE-2025-24358 fix, a network attacker that places a form at http://example.com can't get it to submit to https://example.com because the Origin...

AI score 4.3
Exploits: 0 | References: 2

Packet Storm News
added 2025/08/28 12:0 a.m. | 2 views

CyberSleuth: Autonomous Blue-Team LLM Agent for Web Attack Forensics

Large Language Model (LLM) agents are powerful tools for automating complex tasks. In cybersecurity, researchers have primarily explored their use in red-team operations such as vulnerability discovery and penetration tests. Defensive uses for incident response and forensics have received...

AI score 6.9
Exploits: 0

RedhatCVE
added 2025/05/23 4:39 a.m. | 6 views

CVE-2023-26046

teler-waf is a Go HTTP middleware that provides teler IDS functionality to protect against web-based attacks. teler-waf prior to version 0.1.1 is vulnerable to bypassing common web attack rules when a specific HTML entities payload is used. This vulnerability allows an attacker to execute...

CVSS 6.5 | AI score 6.1 | EPSS 0.00536
Exploits: 0 | References: 1

OSV
added 2025/01/25 12:53 a.m. | 27 views

CVE-2025-24361 Opening a malicious website while running a Nuxt dev server could allow read-only access to code

Nuxt is an open-source web development framework for Vue.js. Source code may be stolen during dev when using version 3.0.0 through 3.15.12 of the webpack builder or version 3.12.2 through 3.152 of the rspack builder and a victim opens a malicious web site. Because the request for classic script b...

CVSS 5.3 | AI score 6.7 | EPSS 0.00325
Exploits: 0 | References: 4

Gitee
added 2024/11/08 10:25 a.m. | 82 views

hackingtool

This is an offensive tool for a comprehensive hacking suite. The primary purpose of this tool is to provide a wide range of functionalities for hackers, including information gathering, exploitation, and post-exploitation activities. The tool is designed to be user-friendly and can be run on...

AI score 8.3
Exploits: 0

VulnCheck KEV
added 2024/09/19 12:0 a.m. | 3 views

VulnCheck KEV: CVE-2021-38702

Cyberoam NetGenie C0101B1-20141120-NG11VO devices through 2021-08-14 allow tweb/ft.php?u=XSS attacks...

CVSS 6.1 | AI score 5.8 | EPSS 0.06929
Exploits: 2 | References: 1

OSV
added 2024/05/03 5:15 p.m. | 5 views

CVE-2024-33791

A cross-site scripting (XSS) vulnerability in netis-systems MEX605 v2.00.06 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the getTimeZone function...

CVSS 4.6 | AI score 5.9 | EPSS 0.00385
Exploits: 1 | References: 1

CNNVD
added 2023/11/02 12:0 a.m. | 4 views

IBM CICS TX Cross-Site Request Forgery Vulnerability

IBM CICS TX is a comprehensive, single transaction runtime package from International Business Machines (IBM). IBM CICS TX has a cross-site request forgery vulnerability that stems from the presence of a cross-site request forgery (CSRF) vulnerability. An attacker could exploit this vulnerability by...

CVSS 8.8 | AI score 6.5 | EPSS 0.00291
Exploits: 0 | References: 5

OSV
added 2023/07/18 9:15 p.m. | 3 views

CVE-2023-22047

Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Portal). Supported versions that are affected are 8.59 and 8.60. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise PeopleSoft Enterprise...

CVSS 7.5 | AI score 7.3 | EPSS 0.74469
Exploits: 1 | References: 1

Prion
added 2023/03/02 1:15 a.m. | 12 views

Cross site scripting

teler-waf is a Go HTTP middleware that provides teler IDS functionality to protect against web-based attacks. teler-waf prior to version 0.1.1 is vulnerable to bypassing common web attack rules when a specific HTML entities payload is used. This vulnerability allows an attacker to execute...

CVSS 5.8 | AI score 6.2 | EPSS 0.00536
Exploits: 0 | References: 3 | Affected Software: 1

Cvelist
added 2023/03/02 12:14 a.m. | 28 views

CVE-2023-26046 teler-waf subject to bypass of common web attack threat rule with HTML entities payload

teler-waf is a Go HTTP middleware that provides teler IDS functionality to protect against web-based attacks. teler-waf prior to version 0.1.1 is vulnerable to bypassing common web attack rules when a specific HTML entities payload is used. This vulnerability allows an attacker to execute...

CVSS 6.5 | AI score 6.6 | EPSS 0.00536
Exploits: 0 | References: 3

Vulnrichment
added 2023/03/02 12:14 a.m. | 9 views

CVE-2023-26046 teler-waf subject to bypass of common web attack threat rule with HTML entities payload

teler-waf is a Go HTTP middleware that provides teler IDS functionality to protect against web-based attacks. teler-waf prior to version 0.1.1 is vulnerable to bypassing common web attack rules when a specific HTML entities payload is used. This vulnerability allows an attacker to execute...

CVSS 6.5 | AI score 6.4 | EPSS 0.00536
Exploits: 0 | References: 3

OSV
added 2023/03/01 7:19 p.m. | 16 views

GHSA-9F95-HHG4-PG4F teler-waf subject to Bypass of Common Web Attack Threat Rule with HTML Entities Payload

teler-waf is a Go HTTP middleware that provides teler IDS functionality to protect against web-based attacks. Versions prior to v0.1.1 are vulnerable to bypassing common web attack rules when a specific HTML entities payload is used. This vulnerability allows an attacker to execute...

CVSS 6.1 | AI score 6.3 | EPSS 0.00536
Exploits: 0 | References: 7

SUSE CVE
added 2023/02/15 5:49 a.m. | 5 views

SUSE CVE-2012-0071

Unspecified vulnerability in the Oracle Imaging and Process Management component in Oracle Fusion Middleware 10.1.3.6.0 allows remote attackers to affect integrity via unknown vectors related to Web, a different vulnerability than CVE-2012-0093...

CVSS 4.3 | AI score 6.5 | EPSS 0.01046
Exploits: 0 | References: 3

SUSE CVE
added 2023/02/15 4:44 a.m. | 4 views

SUSE CVE-2017-10195

Vulnerability in the Oracle Hospitality Simphony component of Oracle Hospitality Applications (subcomponent: Import/Export). The supported version that is affected is 2.8. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Hospitality...

CVSS 4.3 | AI score 6.5 | EPSS 0.01685
Exploits: 0 | References: 4

CNNVD
added 2022/12/14 12:0 a.m. | 3 views

Adobe Experience Manager Cross-Site Scripting Vulnerability

Adobe Experience Manager (AEM) is a content management solution from Adobe that can be used to build websites, mobile applications and forms. The solution supports mobile content management, marketing and sales campaign management, and multi-site management, etc. A cross-site scripting vulnerabilit...

CVSS 5.4 | AI score 6.2 | EPSS 0.00708
Exploits: 0 | References: 3

Rapid7 Blog
added 2022/10/12 6:5 p.m. | 111 views

[Security Nation] James Kettle of PortSwigger on Advancing Web-Attack Research

In this episode of Security Nation, Jen and Tod talk to James Kettle of PortSwigger. Their discussion includes research for new web-attack technique...

AI score 9.9 | EPSS 0.99984
Exploits: 25