41 matches found
CVE-2025-55273 HCL Aftermarket DPC is affected by Cross Domain Script Include vulnerability
HCL Aftermarket DPC is affected by Cross Domain Script Include vulnerability where an attacker using external scripts can tamper with the DOM, altering the content or behavior of the application. Malicious scripts can steal cookies or session tokens, leading to session hijacking...
CVE-2025-55273
HCL Aftermarket DPC is affected by Cross Domain Script Include vulnerability where an attacker using external scripts can tamper with the DOM, altering the content or behavior of the application. Malicious scripts can steal cookies or session tokens, leading to session hijacking...
CVE-2025-55273 HCL Aftermarket DPC is affected by Cross Domain Script Include vulnerability
HCL Aftermarket DPC is affected by Cross Domain Script Include vulnerability where an attacker using external scripts can tamper with the DOM, altering the content or behavior of the application. Malicious scripts can steal cookies or session tokens, leading to session hijacking...
CVE-2026-24037
Horilla is a free and open source Human Resource Management System HRMS. In version 1.4.0, the hasxss function attempts to block XSS by matching input against a set of regex patterns. However, the regexes are incomplete and context-agnostic, making them easy to bypass. Attackers are able to...
EUVD-2025-19752
Malicious code in bioql PyPI...
CVE-2025-34078
A local privilege escalation vulnerability exists in NSClient++ 0.5.2.35 when both the web interface and ExternalScripts features are enabled. The configuration file nsclient.ini stores the administrative password in plaintext and is readable by local users. By extracting this password, an attack...
K52349521: OpenSSL vulnerability CVE-2016-2842
Security Advisory Description The doaproutch function in crypto/bio/bprint.c in OpenSSL 1.0.1 before 1.0.1s and 1.0.2 before 1.0.2g does not verify that a certain memory allocation succeeds, which allows remote attackers to cause a denial of service out-of-bounds write or memory consumption or...
Metasploit Wrap-Up
NSClient++ Community contributor Yann Castel has contributed an exploit module for NSClient++ which targets an authenticated command execution vulnerability. Users that are able to authenticate to the service as admin can leverage the external scripts feature to execute commands with SYSTEM level...
NSClient++ 0.5.2.35 Remote Code Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'NSClient++ 0.5.2.35 - ExternalScripts Authenticated Remote Code Execution', 'Description' = %q This module allows an attacker with knowledge of t...
Knowage Cross-Site Scripting Vulnerability (CNVD-2021-26380)
Knowage is a suite of open source tools for modern business analytics. A reflective cross-site scripting vulnerability exists in Knowage versions prior to 7.4. The vulnerability can be exploited to inject arbitrary external scripts into /restful-services/publish via the 'EXECFROM' parameter, whic...
NSClient++ 0.5.2.35 - Authenticated Remote Code Execution Exploit
Exploit for jsp platform in category web applications Exploit Title: NSClient++ 0.5.2.35 - Authenticated Remote Code Execution Exploit Author: kindredsec Vendor Homepage: https://nsclient.org/ Software Link: https://nsclient.org/download/ Version: 0.5.2.35 Tested on: Microsoft Windows 10 Pro x64...
NSClient++ 0.5.2.35 - Authenticated Remote Code Execution
Exploit Title: NSClient++ 0.5.2.35 - Authenticated Remote Code Execution Google Dork: N/A Date: 2020-04-20 Exploit Author: kindredsec Vendor Homepage: https://nsclient.org/ Software Link: https://nsclient.org/download/ Version: 0.5.2.35 Tested on: Microsoft Windows 10 Pro x64 CVE: N/A NSClient++ ...
Drltrace - A Library Calls Tracer For Windows And Linux Applications
Drltrace is a dynamic API calls tracer for Windows and Linux applications designed primarily for malware analysis. Drltrace is built on top of DynamoRIO dynamic binary instrumentation framework. The release build can be downloaded here. Usage The usage of drltrace is very simple. A user needs to...
Vulners Nmap plugin
In previous post about Vulners vulnerability detection plugins for Burp and Google Chrome, I mentioned that it would be great to have a plugin for some free publicly available tool, like Nmap. And guys from the Vulners Team have recently released Nmap plugin. Isn't it awesome? To detect...
Palo Alto DNS Proxy Arbitrary Code Execution Vulnerability
Palo Alto Networks PAN-OS is a suite of operating systems developed by Palo Alto Networks for its firewall appliances.DNS Proxy is one of the DNS proxies capable of resolving remote hosts using external scripts via http proxy requests. An arbitrary code execution vulnerability exists in DNS Proxy...
The vulnerability of Cisco Nexus 7000 software allows a malicious individual to execute arbitrary code.
The GNU Bash command shell, as of version 4.3 and later, incorrectly handles lines that follow the declaration of a function exported as a variable. This allows a malicious actor to execute arbitrary code by interfering with environment variables. Security researchers have confirmed that this...
http-referer-checker NSE Script
Informs about cross-domain include of scripts. Websites that include external javascript scripts are delegating part of their security to third-party entities. Script Arguments slaxml.debug See the documentation for the slaxml library. httpspider.doscraping, httpspider.maxdepth,...
Design/Logic Flaw
Software Update in Apple Mac OS X 10.5.1 allows remote attackers to execute arbitrary commands via a man-in-the-middle MITM attack between the client and the server, using a modified distribution definition file with the "allow-external-scripts" option...
CVE-2007-5863
Software Update in Apple Mac OS X 10.5.1 allows remote attackers to execute arbitrary commands via a man-in-the-middle MITM attack between the client and the server, using a modified distribution definition file with the "allow-external-scripts" option...
Remote Command Injection Vulnerability
Description This bug was originally reported against the anonymous calls to the SamrChangePassword MS-RPC function in combination with the "username map script" smb.conf option which is not enabled by default. After further investigation by Samba developers, it was determined that the problem was...