24 matches found
EUVD-2012-1652
Malware in sbrugna...
Malicious code in synthetics-sdk-broken-links (npm)
MAL-2025-47730 Malicious code in synthetics-sdk-broken-links (npm)
Fedora: Security Advisory (FEDORA-2024-300397332b)
The remote host is missing an update for the...
Fedora 41 : llvm-test-suite (2024-6d9aba8c3c)
The remote Fedora 41 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2024-6d9aba8c3c advisory. Remove ClamAV subdirectory because of viruses in input files: These were the findings: MultiSource/Applications/ClamAV/inputs/rtf-test/rtf1.rtf:...
Fedora 40 : llvm-test-suite (2024-300397332b)
The remote Fedora 40 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2024-300397332b advisory. Remove ClamAV subdirectory because of viruses in input files: These were the findings: MultiSource/Applications/ClamAV/inputs/rtf-test/rtf1.rtf:...
Contao: Possible cookie sharing with external domains while checking protected pages for broken links
Impact: If the crawler is set to crawl protected pages, it sends the cookie header to external URLs. Patches: Update to Contao 4.13.40 or 5.3.4. Workarounds: Disable crawling protected pages. References: https://contao.org/en/security-advisories/session-cookie-disclosure-in-the-crawler For more...
GHSA-9JH5-QF84-X6PR Contao: Possible cookie sharing with external domains while checking protected pages for broken links
Impact: If the crawler is set to crawl protected pages, it sends the cookie header to external URLs. Patches: Update to Contao 4.13.40 or 5.3.4. Workarounds: Disable crawling protected pages. References: https://contao.org/en/security-advisories/session-cookie-disclosure-in-the-crawler For more...
CVE-2024-28235 Contao possible cookie sharing with external domains while checking protected pages for broken links
Contao is an open source content management system. Starting in version 4.9.0 and prior to versions 4.13.40 and 5.3.4, when checking for broken links on protected pages, Contao sends the cookie header to external URLs as well; the passed options for the HTTP client are used for all requests. Cont...
CVE-2023-23737 WordPress MainWP Broken Links Checker Extension Plugin <= 4.0 is vulnerable to SQL Injection
Unauth. SQL Injection (SQLi) vulnerability in MainWP MainWP Broken Links Checker Extension plugin <= 4.0 versions...
Socialhunter - Crawls The Website And Finds Broken Social Media Links That Can Be Hijacked
Crawls the given URL and finds broken social media links that can be hijacked. Broken social links may allow an attacker to conduct phishing attacks. They can also cost the company its reputation. Broken social media hijack issues are usually accepted by bug bounty programs. Currently, ...
WordPress Pro Broken Links Maintainer plugin <= 1.1.7.5 - Sensitive Information Disclosure vulnerability
Sensitive Information Disclosure vulnerability discovered in WordPress Pro Broken Links Maintainer plugin versions <= 1.1.7.5. Solution: No patched version available...
Vajra - A Highly Customizable Target And Scope Based Automated Web Hacking Framework To Automate Boring Recon Tasks
An automated web hacking framework for web applications Detailed insight about Vajra can be found at https://hackwithproxy.medium.com/introducing-vajra-an-advanced-web-hacking-framework-bd8307a01aa8 About Vajra Vajra is an automated web hacking framework to automate boring recon tasks and same...
GitLab: Gitlab is vulnerable to impersonation attacks due to broken links
Good afternoon team, Vulnerability There's a lot of possible attacks that can be carried out with broken external links as noted in this github post by edoverflow. https://gist.github.com/EdOverflow/24e0bb929169eb948bb7f3d0a2d5528f. In this particular example I'm impersonating Ricardo who...
MS11-072: Description of the security update for Excel 2007: September 13, 2011
MS11-072: Description of the security update for Excel 2007: September 13, 2011 Microsoft has released security bulletin MS11-072. To view the complete security bulletin, visit one of the following Microsoft websites: Home users:...
Debian DSA-3332-1 : wordpress - security update
Several vulnerabilities have been fixed in WordPress, the popular blogging engine. - CVE-2015-2213 SQL Injection allowed a remote attacker to compromise the site. - CVE-2015-5622 The robustness of the shortcodes HTML tags filter has been improved. The parsing is a bit more strict, which may affec...
Debian: Security Advisory (DSA-3332-1)
The remote host is missing an update for the Debian...