12 matches found
Exploit for SQL Injection in Litellm
CVE-2026-42208 — LiteLLM SQL Injection Scanner 🤖 Detects SQL...
CORScanner
CORS Exploiter Automated CORS misconfiguration scanner with...
CVE-2022-29316
Complete Online Job Search System v1.0 was discovered to contain a SQL injection vulnerability via /eris/index.php?q=result=advancesearch...
PT-2024-26108 · Sap · Sap Business Workflow
Name of the Vulnerable Software and Affected Versions: SAP Business Workflow affected versions not specified Description: The issue allows an authenticated attacker to enumerate accessible HTTP endpoints in the internal network by specially crafting HTTP requests, potentially resulting in...
GAP-Burp-Extension - Burp Extension To Find Potential Endpoints, Parameters, And Generate A Custom Target Wordlist
This is an evolution of the original getAllParams extension for Burp. Not only does it find more potential parameters for you to investigate, but it also finds potential links to try these parameters on, and produces a target specific wordlist to use for fuzzing. The full Help documentation can b...
Moxa EDS Ethernet Switches Uncontrolled Resource Consumption (CVE-2019-19707)
On Moxa EDS-G508E, EDS-G512E, and EDS-G516E devices with firmware through 6.0, denial of service can occur via PROFINET DCE-RPC endpoint discovery packets. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C...
Metlo - An Open-Source API Security Platform
Secure Your API. Metlo is an open-source API security platform With Metlo you can: Create an Inventory of all your APIEndpoints and Sensitive Data. Detect common API vulnerabilities. Proactively test your APIs before they go into production. Detect API attacks in real time. Metlo does this by...
xnLinkFinder - A Python Tool Used To Discover Endpoints (And Potential Parameters) For A Given Target
About - v2.0 This is a tool used to discover endpoints and potential parameters for a given target. It can find them by: crawling a target pass a domain/URL crawling multiple targets pass a file of domains/URLs searching files in a given directory pass a directory name get them from a Burp projec...
etcd: no authentication is performed against endpoints provided in the --endpoints flag
A flaw was found in etcd. The gateway TLS authentication is only applied to endpoints detected in DNS SRV records. When starting a gateway, TLS authentication will only be attempted on endpoints identified in DNS SRV records for a given domain, which occurs in the discoverEndpoints function. No...
CWFF - Create Your Custom Wordlist For Fuzzing
CWFF is a tool that creates a special High quality fuzzing/content discovery wordlist for you at the highest speed possible using concurrency and it's heavily inspired by @tomnomnom's Who, What, Where, When, Wordlist NahamCon2020. Usage CWFF -h --threads --github --subdomains --recursive...
CVE-2019-19707
On Moxa EDS-G508E, EDS-G512E, and EDS-G516E devices with firmware through 6.0, denial of service can occur via PROFINET DCE-RPC endpoint discovery packets...
CVE-2019-19707
CVE-2019-19707 affects Moxa EDS-G508E, EDS-G512E, and EDS-G516E Ethernet Switches (firmware up to 6.0). The issue enables denial-of-service via PROFINET DCE-RPC endpoint discovery packets, stemming from uncontrolled resource consumption. Impact is DoS on affected devices, potentially taking them ...