Lucene search
K

113 matches found

CVE
CVE
added 2025/01/15 3:22 a.m.49 views

CVE-2024-13334

CVE-2024-13334 describes a Reflected Cross-Site Scripting vulnerability in the Car Demon WordPress plugin. The issue arises in the search_condition parameter for all versions up to 1.8.1, due to insufficient input sanitization and output escaping. The description states that unauthenticated attac...

6.1CVSS6AI score0.0028EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/01/15 3:22 a.m.18 views

CVE-2024-13334 Car Demon <= 1.8.1 - Reflected Cross-Site Scripting

The Car Demon plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'searchcondition' parameter in all versions up to, and including, 1.8.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary w...

6.1CVSS0.0028EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/01/15 3:22 a.m.5 views

CVE-2024-13334 Car Demon <= 1.8.1 - Reflected Cross-Site Scripting

The Car Demon plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'searchcondition' parameter in all versions up to, and including, 1.8.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary w...

6.1CVSS6AI score0.0028EPSS
Exploits0References2
Patchstack
Patchstack
added 2025/01/14 4:45 p.m.3 views

WordPress Car Demon plugin <= 1.8.1 - Reflected Cross-Site Scripting vulnerability

Reflected Cross-Site Scripting vulnerability discovered by WordFence in WordPress Plugin Car Demon versions = 1.8.1...

6.1CVSS6.3AI score0.0028EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2025/01/14 12:0 a.m.3 views

WordPress plugin Car Demon 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

6.1CVSS7.6AI score0.0028EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2024/10/24 12:0 a.m.8 views

The vulnerability of the Demon Routing Protocol Daemon in Juniper Networks’ Junos OS and Junos OS Evolved operating systems allows a attacker to cause a service failure.

The vulnerability of the Demon Routing Protocol Daemon in Juniper Networks’ Junos OS and Junos OS Evolved operating systems is related to insufficient checking of unusual or exceptional states. Exploiting this vulnerability can allow a malicious actor to cause service failures...

7.8CVSS5.5AI score0.00617EPSS
Exploits0References7Affected Software2
BDU FSTEC
BDU FSTEC
added 2024/10/23 12:0 a.m.6 views

The vulnerability of the “demon flowd” in Juniper Networks’ Junos OS, which allows a hacker to trigger a service failure.

The vulnerability of the “demon flowd” in Juniper Networks’ Junos OS is related to insufficient checking of unusual or exceptional states. Exploiting this vulnerability can allow a malicious actor to trigger service failures remotely...

6.5CVSS5.4AI score0.00321EPSS
Exploits0References6Affected Software1
Vulnrichment
Vulnrichment
added 2024/08/09 12:0 a.m.20 views

CVE-2024-41570

An Unauthenticated Server-Side Request Forgery SSRF in demon callback handling in Havoc 2 0.7 allows attackers to send arbitrary network traffic originating from the team server...

7AI score0.02909EPSS
Exploits6References1
Positive Technologies
Positive Technologies
added 2024/08/09 12:0 a.m.7 views

PT-2024-29448 · Havoc · Havoc

The affected software is Havoc 2, specifically version 0.7. This version is affected by an Unauthenticated Server-Side Request Forgery SSRF issue in demon callback handling, allowing attackers to send arbitrary network traffic from the team server, potentially leading to Remote Code Execution RCE...

9.8CVSS8.1AI score0.02909EPSS
Exploits6References16
CVE
CVE
added 2024/08/09 12:0 a.m.95 views

CVE-2024-41570

CVE-2024-41570 describes an unauthenticated SSRF in Havoc 2 (team server) demon callback handling, enabling attackers to cause arbitrary network traffic to be emitted from the Havoc team server. Connected sources confirm visible exploit PoCs and chained RCE narratives in Havoc C2-related reposito...

9.8CVSS7.3AI score0.02909EPSS
Exploits6References1Affected Software1
Cvelist
Cvelist
added 2024/08/09 12:0 a.m.42 views

CVE-2024-41570

An Unauthenticated Server-Side Request Forgery SSRF in demon callback handling in Havoc 2 0.7 allows attackers to send arbitrary network traffic originating from the team server...

0.02909EPSS
Exploits6References1
GithubExploit
GithubExploit
added 2024/07/13 7:54 p.m.366 views

Exploit for Server-Side Request Forgery in Havocframework Havoc

CVE-2024-41570: Havoc-C2-SSRF-poc This vulnerability is exploi...

9.8CVSS9.4AI score0.02909EPSS
Exploits6
HackRead
HackRead
added 2024/07/04 7:43 p.m.12 views

Volcano Demon Ransomware Gang Makes Phone Calls to Victim for Ransom

According to cybersecurity researchers at Halcyon AI, the new Volcano Demon ransomware gang calls its victims "very frequently,…...

7.3AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2024/06/25 12:35 p.m.4 views

Malicious code in demon-slayer-kimetsu-no-yaiba-to-the-swordsmith-village-online-movie-free-on-123movies (npm)

--- -= Per source details. Do not edit below this line.=-...

7AI score
Exploits0
OSV
OSV
added 2024/06/25 12:35 p.m.46 views

MAL-2024-2074 Malicious code in demon-slayer-kimetsu-no-yaiba-to-the-swordsmith-village-online-movie-free-on-123movies (npm)

--- -= Per source details. Do not edit below this line.=-...

7.1AI score
Exploits0
OSV
OSV
added 2024/06/25 12:35 p.m.7 views

MAL-2024-2073 Malicious code in demon-slayer-kimetsu-no-yaiba-to-the-swordsmith-village-2023-peliculas-online-en-espanol-hd (npm)

--- -= Per source details. Do not edit below this line.=-...

7.1AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2024/06/25 12:35 p.m.5 views

Malicious code in demon-slayer-kimetsu-no-yaiba-to-the-swordsmith-village-2023-peliculas-online-en-espanol-hd (npm)

--- -= Per source details. Do not edit below this line.=-...

7AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2024/06/25 12:35 p.m.4 views

Malicious code in demon-slayer-kimetsu-no-yaiba-to-the-swordsmith-village-2023-online-on-123movies (npm)

--- -= Per source details. Do not edit below this line.=-...

7AI score
Exploits0
OSV
OSV
added 2024/06/25 12:35 p.m.8 views

MAL-2024-2072 Malicious code in demon-slayer-kimetsu-no-yaiba-to-the-swordsmith-village-2023-online-on-123movies (npm)

--- -= Per source details. Do not edit below this line.=-...

7.1AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2024/04/19 12:0 a.m.9 views

The vulnerability of the Demon Routing Protocol Daemon (RPD) in Juniper Networks’ Junos OS and Junos OS Evolved operating systems allows a attacker to cause a service failure.

The vulnerability of the Demon Routing Protocol Daemon RPD in Juniper Networks’ Junos OS and Junos OS Evolved operating systems is related to improper syntax validation during input processing. Exploiting this vulnerability can allow a malicious actor to cause service interruptions...

7.8CVSS5.5AI score0.00571EPSS
Exploits0References5Affected Software2
Rows per page
Query Builder