114 matches found
DRUPAL-CONTRIB-2024-049
The security team is marking this project unsupported. There is a known security issue with the project that has not been fixed by the maintainer. If you would like to maintain this project, please read: https://www.drupal.org/node/251466s-becoming-owner-maintainer-or-co-mai...
Exploit for Improper Privilege Management in Oracle Vm_Virtualbox
cve-2023-21987-poc Oracle VirtualBox VGA OOB-Read Vulnerab...
Exploit for CVE-2024-32651
CVE-2024-32651 changedetection --port --ip --notification...
ShopLentor – WooCommerce Builder for Elementor & Gutenberg +12 Modules – All in One Solution (formerly WooLentor) < 2.9.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via WL Product Horizontal Filter Widget
Description The ShopLentor – WooCommerce Builder for Elementor & Gutenberg +12 Modules – All in One Solution formerly WooLentor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's WL: Product Horizontal Filter widget in all versions up to, and including, 2.9.0 due t...
CVE-2024-1730 Prime Slider – Addons For Elementor (Revolution of a slider, Hero Slider, Media Slider, Drag Drop Slider, Video Slider, Product Slider, Ecommerce Slider) <= 3.14.0 - Authenticated (Contributor+) Stored Cross-Site Scripting
The Prime Slider – Addons For Elementor Revolution of a slider, Hero Slider, Media Slider, Drag Drop Slider, Video Slider, Product Slider, Ecommerce Slider plugin for WordPress is vulnerable to Stored Cross-Site Scripting via urls in link fields, images from URLs, and html tags used in widgets in...
Toolkit - The Essential Toolkit For Reversing, Malware Analysis, And Cracking
This tool compilation is carefully crafted with the purpose of being useful both for the beginners and veterans from the malware analysis world. It has also proven useful for people trying their luck at the cracking underworld. It's the ideal complement to be used with the manuals from the site,...
Sicat - The Useful Exploit Finder
Introduction SiCat is an advanced exploit search tool designed to identify and gather information about exploits from both open sources and local repositories effectively. With a focus on cybersecurity, SiCat allows users to quickly search online, finding potential vulnerabilities and relevant...
Exploit for External Control of Assumed-Immutable Web Parameter in Fortra Filecatalyst_Workflow
Exploit for CVE-2024-25153 ---...
[SECURITY] Fedora 40 Update: jdeparser-2.0.3-17.fc40
This project is a fork of Sun's now Oracle's com.sun.codemodel project. We decided to fork the project because by all evidence, the upstream project is dead and not actively accepting outside contribution. All JBoss projects are urged to use this project instead for source code generation...
BIT-GITLAB-2020-10080
GitLab 8.3 through 12.8.1 allows Information Disclosure. It was possible for certain non-members to access the Contribution Analytics page of a private group...
Exploit for Path Traversal in Jenkins
CVE-2024-23897 | Jenkins -p -f or bash python CVE-...
Uscrapper - Powerful OSINT Webscraper For Personal Data Collection
Introducing Uscrapper 2.0, A powerfull OSINT webscrapper that allows users to extract various personal information from a website. It leverages web scraping techniques and regular expressions to extract email addresses, social media links, author names, geolocations, phone numbers, and usernames...
D3m0n1z3dShell - Demonized Shell Is An Advanced Tool For Persistence In Linux
Demonized Shell is an Advanced Tool for persistence in linux. Install git clone https://github.com/MatheuZSecurity/D3m0n1z3dShell.git cd D3m0n1z3dShell chmod +x demonizedshell.sh sudo ./demonizedshell.sh One-Liner Install Download D3m0n1z3dShell with all files: curl -L...
Exploit for Improper Access Control in Joomla Joomla\!
Joomla-CVE-2023-23752 This Python implementation serves an edu...
Exploit for Incorrect Authorization in Atlassian Confluence_Data_Center
CVE-2023-22518 - Vulnerabilidad en Confluence Descripción...
Users can lose eth when contributing.
Lines of code Vulnerability details Impact When contributing in InitialETHCrowdfund, if minting adjusts the voting power for that user to cap it at totalVotingPower, the user does not get refunded the eth he lost. Proof of Concept PartyGovernanceNFTmint caps the mintedVotingPower at...
In the _initialize function of the ETHCrowdfundBase contract, when minTotalContributions is equal to maxTotalContributions, crowdfund will never reach its minimum goal in some specific scenarios
Lines of code Vulnerability details Impact In the initialize function of the ETHCrowdfundBase contract, when minTotalContributions is equal to maxTotalContributions, crowdfund will never reach its minimum goal in some specific scenarios. The ETH of users who contribute to this crowdfund will be...
Associated-Threat-Analyzer - Detects Malicious IPv4 Addresses And Domain Names Associated With Your Web Application Using Local Malicious Domain And IPv4 Lists
Associated-Threat-Analyzer detects malicious IPv4 addresses and domain names associated with your web application using local malicious domain and IPv4 lists. Installation From Git git clone https://github.com/OsmanKandemir/associated-threat-analyzer.git cd associated-threat-analyzer && pip3...
Indicator-Intelligence - Finds Related Domains And IPv4 Addresses To Do Threat Intelligence After Indicator-Intelligence Collects Static Files
Finds related domains and IPv4 addresses to do threat intelligence after Indicator-Intelligence collects static files. Done Related domains, IPs collect Installation From Source Code You can use virtualenv for package dependencies before installation. git clone...
MaxContribution check can be bypassed to give a card high voting power
Lines of code Vulnerability details Proof of Concept ReraiseETHCrowdfund tries limit the voting power of each card by doing a min/maxContribution check in claim and claimMultiple. uint96 contribution = votingPower 1e4 / exchangeRateBps; uint96 maxContribution = maxContribution; // Check that the...