Exploit for Cross-site Scripting in Ourphp
create a vulnerable Docker environment that is susceptible to...
Exploit for Cross-site Scripting in Ourphp
PoC exploit for CVE-2023-30212, a Cross-Site Scripting XSS vul...
Privilege Escalation
github.com/kubernetes/minikube is vulnerable to Privilege Escalation. A remote attacker is able to access the minikube container with elevated privileges due to an exposed network port when minikube is running on macOS with the Docker driver...
CVE-2023-1174
This vulnerability exposes a network port in minikube running on macOS with Docker driver that could enable unexpected remote access to the minikube container...
CVE-2023-1174
CVE-2023-1174 affects minikube running on macOS with the Docker driver, where an exposed network port permits unexpected remote access to the minikube container. The vulnerability is described across multiple sources (NVD, CVE listing, Veracode, OSV, etc.) as a network exposure that could lead to...
Exploit for Cross-site Scripting in Cloudogu Scm_Manager
CVE-2023-33829: Stored-XSS-on-SC...
EulerOS 2.0 SP10 : docker-engine (EulerOS-SA-2023-1949)
According to the versions of the docker-engine package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Moby is an open-source project created by Docker to enable software containerization. A bug was found in Moby Docker Engine where...
Security Bulletin: Open Source Dependency Vulnerability
Summary IBM Edge Application Manager 4.5 has resolved the vulnerability. Vulnerability Details CVEID:CVE-2021-23424 DESCRIPTION: Node.js ansi-html module is vulnerable to a denial of service, caused by a regular expression denial of service ReDoS flaw. By sending a specially-crafted regex input, ...
Security Bulletin: Open Source Dependency Vulnerability
Summary IBM Edge Application Manager 4.5 has resolved the vulnerability. Vulnerability Details CVEID:CVE-2021-23364 DESCRIPTION: Browserslist is vulnerable to a denial of service, caused by a regular expression denial of service ReDoS during parsing of queries. By sending a specially-crafted...
Security Bulletin: Open Source Dependency Vulnerability
Summary IBM Edge Application Manager 4.5 has resolved the vulnerability. Vulnerability Details CVEID:CVE-2022-46175 DESCRIPTION: JSON5 could allow a remote authenticated attacker to execute arbitrary code on the system, caused by a prototype pollution flaw in the parse method. By adding or...
EulerOS 2.0 SP9 : docker-engine (EulerOS-SA-2023-1864)
According to the versions of the docker-engine package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Moby is an open-source project created by Docker to enable software containerization. A bug was found in Moby Docker Engine where...
Exploit for Path Traversal in Grafana
PoC for CVE-2021-43798 Grafana is a platform of code...
Indicator-Intelligence - Finds Related Domains And IPv4 Addresses To Do Threat Intelligence After Indicator-Intelligence Collects Static Files
Finds related domains and IPv4 addresses to do threat intelligence after Indicator-Intelligence collects static files. Done Related domains, IPs collect Installation From Source Code You can use virtualenv for package dependencies before installation. git clone...
Nimbo-C2 - Yet Another (Simple And Lightweight) C2 Framework
About Nimbo-C2 is yet another simple and lightweight C2 framework. Nimbo-C2 agent supports x64 Windows & Linux. It's written in Nim, with some usage of .NET on Windows by dynamically loading the CLR to the process. Nim is powerful, but interacting with Windows is much easier and robust using...
Icingaweb Directory Traversal in Static Library File Requests
Icingaweb versions from 2.9.0 to 2.9.5 inclusive, and 2.8.0 to 2.8.5 inclusive suffer from an unauthenticated directory traversal vulnerability. The vulnerability is triggered through the icinga-php-thirdparty library, which allows unauthenticated users to retrieve arbitrary files from the target...
Vulnerabilities fixed in Elastic products
Vulnerabilities have been fixed in the Kibana and Filebeat products from Elastic. These vulnerabilities allow an attacker to perform cross-site scripting attacks, read system data such as logs, or execute arbitrary code under user privileges. The vulnerability with attribute CVE-2023-31415 in...
Exploit for Incorrect Permission Assignment for Critical Resource in Mobyproject Moby
CVE-2021-41091 This exploit offers an in-depth look at the CV...
REcollapse Is A Helper Tool For Black-Box Regex Fuzzing To Bypass Validations And Discover Normalizations In Web Applications
REcollapse is a helper tool for black-box regex fuzzing to bypass validations and discover normalizations in web applications. It can also be helpful to bypass WAFs and weak vulnerability mitigations. For more information, take a look at the REcollapse blog post. The goal of this tool is to...