103 matches found
PT-2022-12234
Name of the Vulnerable Software and Affected Versions: Single Connect (affected versions not specified) Description: The issue arises from the lack of an authorization check in the sc-reports-ui module, allowing a remote attacker to access the device configuration page and export data to an external...
PT-2021-15888 · WordPress · Simple 301 Redirects By Betterlinks
Name of the Vulnerable Software and Affected Versions: Simple 301 Redirects by BetterLinks WordPress plugin versions prior to 2.0.4 Description: The issue concerns the export data function of the Simple 301 Redirects by BetterLinks WordPress plugin, which had no capability or nonce checks. This...
InsightIDR’s Log Search: Recent Enhancements and Upcoming Investments
Log data is critical to ensuring that you have full visibility into what’s going on across your environment. Alongside endpoint and network data, log data enables teams to detect malicious activity, prove compliance, and have better visibility across their environment. Within InsightIDR, our Log...
CVE-2020-26285
OpenMage is a community-driven alternative to Magento CE. In OpenMage before versions 19.4.10 and 20.0.5, there is a vulnerability which enables remote code execution. In affected versions an administrator with permission to import/export data and to create widget instances was able to inject an...
VEF
This is the Vulnerability Exploitation Framework (VEF) repository, a collection of tools and scripts for exploiting vulnerabilities in various systems and applications. The framework is written in Python and utilizes various APIs from different vulnerability databases, including Censys, Fofa...
CVE-2020-4693
IBM Spectrum Protect Operations Center 7.1.0.000 through 7.1.10 and 8.1.0.000 through 8.1.9 may allow an attacker to execute arbitrary code on the system, caused by improper validation of data prior to export. IBM X-Force ID: 186782...
CVE-2020-1182
A remote code execution vulnerability exists in Microsoft Dynamics 365 for Finance and Operations on-premises version 10.0.11. An attacker who successfully exploited this vulnerability could gain remote code execution via server-side script execution on the victim server. An authenticated attacke...
PT-2020-3765 · Microsoft · Dynamics 365 For Finance/Operations
Name of the Vulnerable Software and Affected Versions: Microsoft Dynamics 365 for Finance and Operations on-premises version 10.0.11 Description: A remote code execution issue exists, allowing an attacker to gain remote code execution via server-side script execution on the victim server. An...
rigidized.com Cross Site Scripting vulnerability
Open Bug Bounty ID: OBB-1057234. Security Researcher error404 (helped patch 526 vulnerabilities, received 8 Coordinated Disclosure badges, received 20 recommendations), a holder of 8 badges for responsible and coordinated disclosure, found a security vulnerability affecting rigidized.com website and...
empleonuevo.com Cross Site Scripting vulnerability
Open Bug Bounty ID: OBB-1023360. Security Researcher geeknik (helped patch 8696 vulnerabilities, received 8 Coordinated Disclosure badges, received 20 recommendations), a holder of 8 badges for responsible and coordinated disclosure, found a security vulnerability affecting empleonuevo.com website an...
CVE-2019-8107
An arbitrary file deletion vulnerability exists in Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. An authenticated user with export data transfer privileges can craft a request to perform arbitrary file deletion...
pzgolf.pl Cross Site Scripting vulnerability
Open Bug Bounty ID: OBB-1006269. Security Researcher geeknik (helped patch 8803 vulnerabilities, received 8 Coordinated Disclosure badges, received 20 recommendations), a holder of 8 badges for responsible and coordinated disclosure, found a security vulnerability affecting pzgolf.pl website and its...
web.uconn.edu Cross Site Scripting vulnerability
Security Researcher Gh05tPT (helped patch 6836 vulnerabilities, received 10 Coordinated Disclosure badges, received 48 recommendations), a holder of 10 badges for responsible and coordinated disclosure, found a security vulnerability affecting web.uconn.edu website and its users. Following coordinat...
MISP - Malware Information Sharing Platform and Threat Sharing
The objective of MISP is to foster the sharing of structured information within the security community and abroad. MISP provides functionalities to support the exchange of information but also the consumption of the information by Network Intrusion Detection System (NIDS), LIDS but also log analysi...
PT-2018-13040 · Dokuwiki · Dokuwiki
Name of the Vulnerable Software and Affected Versions: DokuWiki versions 2018-04-22a and earlier Description: The issue allows remote attackers to exfiltrate sensitive data and to execute arbitrary code via a value that is mishandled in a CSV export in the /lib/plugins/usermanager/admin.php file...
Foxit Reader Arbitrary File Write Remote Code Execution Vulnerability (CNVD-2018-15093)
Foxit Reader (old name: Foxit PDF Reader) is software used to read PDF format files, developed by Fujian Foxit Software. Foxit Reader is free to use; the operating system it runs on is mainly Microsoft Windows, and as long as there is a Win32 implementation of the...
Wireless GUI Android Security Assessment: Hijacker
Hijacker is a Graphical User Interface for the penetration testing tools Aircrack-ng, Airodump-ng, MDK3 and Reaver. It offers a simple and easy UI to use these tools without typing commands in a console and copy&pasting MAC addresses. This application requires an ARM Android device with an...
WhoIsConnectedSniffer - Detect who is connected to your network without scanning
WhoIsConnectedSniffer is a network discovery tool that listens to network packets on your network adapter using a capture driver (WinpCap or MS network monitor) and accumulates a list of computers and devices currently connected to your network. WhoIsConnectedSniffer uses various protocols to detect...
WhoIsConnectedSniffer - Network discovery tool that listens to network packets on your network
WhoIsConnectedSniffer is a network discovery tool that listens to network packets on your network adapter using a capture driver (WinpCap or MS network monitor) and accumulates a list of computers and devices currently connected to your network. WhoIsConnectedSniffer uses various protocols to detect...
DEBIAN-CVE-2012-3818
The fpm exporter in Revelation 0.4.13-2 and earlier encrypts the version number but not the password when exporting a file, which might allow local users to obtain sensitive information...