81 matches found
EUVD-2014-7462
Malware in sbrugna...
EUVD-1999-1112
Malware in sbrugna...
EUVD-2024-51539
Malicious code in bioql PyPI...
MAL-2025-9031 Malicious code in @malware-test-twins-atlas-blest-demon/test-mlw3-twins-atlas-blest-demon (npm)
The package @malware-test-twins-atlas-blest-demon/test-mlw3-twins-atlas-blest-demon was found to contain malicious code...
CVE-2024-13334
The Car Demon plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'searchcondition' parameter in all versions up to, and including, 1.8.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary w...
CVE-2022-4171
The demon image annotation plugin for WordPress is vulnerable to improper input validation in versions up to, and including 5.0. This is due to the plugin improperly validating the number of characters supplied during an annotation despite there being a setting to limit the number characters inpu...
CVE-2024-13334
The Car Demon plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'searchcondition' parameter in all versions up to, and including, 1.8.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary w...
CVE-2024-13334 Car Demon <= 1.8.1 - Reflected Cross-Site Scripting
The Car Demon plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'searchcondition' parameter in all versions up to, and including, 1.8.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary w...
CVE-2024-13334 Car Demon <= 1.8.1 - Reflected Cross-Site Scripting
The Car Demon plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'searchcondition' parameter in all versions up to, and including, 1.8.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary w...
CVE-2024-13334
CVE-2024-13334 describes a Reflected Cross-Site Scripting vulnerability in the Car Demon WordPress plugin. The issue arises in the search_condition parameter for all versions up to 1.8.1, due to insufficient input sanitization and output escaping. The description states that unauthenticated attac...
WordPress Car Demon plugin <= 1.8.1 - Reflected Cross-Site Scripting vulnerability
Reflected Cross-Site Scripting vulnerability discovered by WordFence in WordPress Plugin Car Demon versions = 1.8.1...
WordPress plugin Car Demon 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...
CVE-2024-41570
An Unauthenticated Server-Side Request Forgery SSRF in demon callback handling in Havoc 2 0.7 allows attackers to send arbitrary network traffic originating from the team server...
PT-2024-29448 · Havoc · Havoc
The affected software is Havoc 2, specifically version 0.7. This version is affected by an Unauthenticated Server-Side Request Forgery SSRF issue in demon callback handling, allowing attackers to send arbitrary network traffic from the team server, potentially leading to Remote Code Execution RCE...
CVE-2024-41570
An Unauthenticated Server-Side Request Forgery SSRF in demon callback handling in Havoc 2 0.7 allows attackers to send arbitrary network traffic originating from the team server...
CVE-2024-41570
CVE-2024-41570 describes an unauthenticated SSRF in Havoc 2 (team server) demon callback handling, enabling attackers to cause arbitrary network traffic to be emitted from the Havoc team server. Connected sources confirm visible exploit PoCs and chained RCE narratives in Havoc C2-related reposito...
Exploit for Server-Side Request Forgery in Havocframework Havoc
CVE-2024-41570: Havoc-C2-SSRF-poc This vulnerability is exploi...
Volcano Demon Ransomware Gang Makes Phone Calls to Victim for Ransom
According to cybersecurity researchers at Halcyon AI, the new Volcano Demon ransomware gang calls its victims "very frequently,…...
Malicious code in demon-slayer-kimetsu-no-yaiba-to-the-swordsmith-village-online-movie-free-on-123movies (npm)
--- -= Per source details. Do not edit below this line.=-...
MAL-2024-2074 Malicious code in demon-slayer-kimetsu-no-yaiba-to-the-swordsmith-village-online-movie-free-on-123movies (npm)
--- -= Per source details. Do not edit below this line.=-...