34 matches found
External Control of File Name or Path
Overview Affected versions of this package are vulnerable to External Control of File Name or Path via the custom-payload-file field in REST API server mode. An attacker can read and exfiltrate arbitrary files accessible to the process by supplying a path to a file, which is then read line-by-lin...
EUVD-2026-32616
Dalfox is a powerful open-source XSS scanner and utility focused on automation. Prior to 2.13.0, when dalfox is run in REST API server mode, the custom-payload-file field in model.Options is JSON-tagged and deserialized directly from the attacker's request body, then propagated unchanged through...
CVE-2026-45088 Dalfox: Unauthenticated Arbitrary File Read with Out-of-Band Exfiltration via `custom-payload-file` in Dalfox Server Mode
Dalfox is a powerful open-source XSS scanner and utility focused on automation. Prior to 2.13.0, when dalfox is run in REST API server mode, the custom-payload-file field in model.Options is JSON-tagged and deserialized directly from the attacker's request body, then propagated unchanged through...
CVE-2026-45088
Dalfox is a powerful open-source XSS scanner and utility focused on automation. Prior to 2.13.0, when dalfox is run in REST API server mode, the custom-payload-file field in model.Options is JSON-tagged and deserialized directly from the attacker's request body, then propagated unchanged through...
CVE-2026-45088 Dalfox: Unauthenticated Arbitrary File Read with Out-of-Band Exfiltration via `custom-payload-file` in Dalfox Server Mode
Dalfox is a powerful open-source XSS scanner and utility focused on automation. Prior to 2.13.0, when dalfox is run in REST API server mode, the custom-payload-file field in model.Options is JSON-tagged and deserialized directly from the attacker's request body, then propagated unchanged through...
CVE-2026-45088
CVE-2026-45088 affects Dalfox when run in REST API server mode prior to version 2.13.0. The custom-payload-file field in model.Options is JSON-tagged and deserialized from the attacker’s request body, then propagated into the scan engine and passed to voltFile.ReadLinesOrLiteral. Each line of the...
Dalfox Server Mode has an Unauthenticated Arbitrary File Read with Out-of-Band Exfiltration via `custom-payload-file`
Summary When dalfox is run in REST API server mode, the custom-payload-file field in model.Options is JSON-tagged and deserialized directly from the attacker's request body, then propagated unchanged through dalfox.Initialize into the scan engine. The engine passes the value to...
GHSA-35WR-X7V6-9FV2 Dalfox Server Mode has an Unauthenticated Arbitrary File Read with Out-of-Band Exfiltration via `custom-payload-file`
Summary When dalfox is run in REST API server mode, the custom-payload-file field in model.Options is JSON-tagged and deserialized directly from the attacker's request body, then propagated unchanged through dalfox.Initialize into the scan engine. The engine passes the value to...
PT-2026-40550
Name of the Vulnerable Software and Affected Versions Dalfox versions prior to 2.13.0 Description When running in REST API server mode, the software fails to sanitize the custom-payload-file field within model.Options, which is deserialized directly from the request body and passed to the...
HTTPS Fetch, Windows shellcode stage, Reverse All-Port TCP Stager
Fetch and execute an x86 payload from an HTTPS server. Custom shellcode stage. Try to connect back to the attacker, on all possible ports 1-65535, slowly Module Options msf use payload/cmd/windows/https/x86/custom/reversetcpallports msf payloadreversetcpallports show actions ...actions... msf...
HTTP Fetch, Windows shellcode stage, Hidden Bind Ipknock TCP Stager
Fetch and execute an x86 payload from an HTTP server. Custom shellcode stage. Listen for a connection. First, the port will need to be knocked from the IP defined in KHOST. This IP will work as an authentication method you can spoof it with tools like hping. After that you could get your shellcod...
HTTP Fetch, Windows shellcode stage, Bind IPv6 TCP Stager with UUID Support (Windows x86)
Fetch and execute an x86 payload from an HTTP server. Custom shellcode stage. Listen for an IPv6 connection with UUID Support Windows x86 Module Options msf use payload/cmd/windows/http/x86/custom/bindipv6tcpuuid msf payloadbindipv6tcpuuid show actions ...actions... msf payloadbindipv6tcpuuid set...
CVE-2020-10192
An issue was discovered in Munkireport before 5.3.0.3923. An unauthenticated actor can send a custom XSS payload through the /report/brokenclient endpoint. The payload will be executed by any authenticated users browsing the application. This concerns app/views/listings/default.php...
MAL-2025-114478 Malicious code in hadianto-miemee17-miaww (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fca3c141beeda78bb3231a6bffbb66654129bf7fce3bbfa2340d4dbcd280bf7f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2020-2652
Malware in sbrugna...
cpvst
🛡️ CPVST - Cyber Prince Vulnerability Scanner Tool !Python...
Exploit for Deserialization of Untrusted Data in Microsoft
Pre-Exploit Vulnerability Check for CVE-2025-53770 with Burp...
Exploit for Insufficient Verification of Data Authenticity in Rarlab Winrar
CVE-2023-38831 WinRAR Exploit PoC This repository contains a...
Exploit for SQL Injection in Bplugins Html5_Video_Player
EN A PoC exploit scanner for CVE-2024-5522 vulnerability in Wo...
Triton 安全漏洞
Triton is a Minecraft plugin used to improve the multi-language support of Minecraft! A security vulnerability exists in Triton versions prior to 3.8.4, which stems from CustomPayload packets allowing commands to be executed on the console...