CVE-2024-41722

In the goTenna Pro ATAK Plugin there is a vulnerability that makes it possible to inject any custom message with any GID and Callsign using a software defined radio in existing goTenna mesh networks. This vulnerability can be exploited if the device is being used in an unencrypted environment or ...

SafeLine - Serve As A Reverse Proxy To Protect Your Web Services From Attacks And Exploits

SafeLine is a self-hosted WAFWeb Application Firewall to protect your web apps from attacks and exploits. A web application firewall helps protect web apps by filtering and monitoring HTTP traffic between a web application and the Internet. It typically protects web apps from attacks such as SQL...

SpookFlare - Meterpreter Loader Generator With Multiple Features For Bypassing Client-Side And Network-Side Countermeasures

SpookFlare has a different perspective to bypass security measures and it gives you the opportunity to bypass the endpoint countermeasures at the client-side detection and network-side detection. SpookFlare is a loader generator for Meterpreter Reverse HTTP and HTTPS stages. SpookFlare has custom...

shopex最新版前台一处想不到的SQL注入

简要描述： shopex代码核心的地方都做了加密处理，找漏洞就需要一点想象空间了，比如这个SQL注入... 详细说明： 存在于用户注册想不到的位置吧？ 1. /core/shop/controller/ctl.passport.php 267行 if !$info = $account-create$POST,$message ... 2.看到1，想到有没有可能$account-create是foreach $POST构造sql语句的呐？ 3.看数据表结构： 果断提交时$POST里加入memberid测试其实测试时我还试了mobile等，嘿，只捡有用的字段说，然后就有了下图： 漏洞证明：...

On the web Trojan automated analysis of two small ideas-vulnerability warning-the black bar safety net

Author: rayh4c 80sec Now online web Trojans and more are several sets of a fixed code, The changes are not many, including script code encryption methods, almost all is to explain the type of encryption, since the hack is performed the process of hanging horse, Inglés for the automated analysis o...