Lucene search
K

219 matches found

NVD
NVD
added 2026/07/02 12:17 p.m.6 views

CVE-2026-57351

Unauthenticated Cross Site Scripting XSS in HandL UTM Grabber = 2.9.2 versions...

7.1CVSS0.00191EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/07/02 11:15 a.m.32 views

CVE-2026-57351 WordPress HandL UTM Grabber plugin <= 2.9.2 - Cross Site Scripting (XSS) vulnerability

Unauthenticated Cross Site Scripting XSS in HandL UTM Grabber = 2.9.2 versions...

7.1CVSS0.00191EPSS
Exploits0References1
CVE
CVE
added 2026/07/02 11:15 a.m.19 views

CVE-2026-57351

CVE-2026-57351 affects the WordPress plugin HandL UTM Grabber up to version 2.9.2, with an unauthenticated XSS vulnerability. The connected documents provide the vulnerability type and affected software but do not supply root cause specifics, exploit details, or a remediation. CVSS data (3.1) fro...

7.1CVSS5.8AI score0.00191EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/07/02 11:15 a.m.10 views

CVE-2026-57351

Unauthenticated Cross Site Scripting XSS in HandL UTM Grabber = 2.9.2 versions...

7.1CVSS5.8AI score0.00191EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/07/02 12:0 a.m.8 views

PT-2026-54994

Name of the Vulnerable Software and Affected Versions HandL UTM Grabber versions 2.9.2 and earlier Description An unauthenticated Cross Site Scripting XSS issue exists, allowing an attacker to execute malicious scripts in the browser of a user without requiring prior authentication. Recommendatio...

7.1CVSS6AI score0.00191EPSS
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/28 4:55 p.m.12 views

Malicious code in tdata-grabber (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9b4c3b37df5e3d08d7bc6ad736e0231ed0dc655640ffdf0dc403f4029ace2787 Package name explicitly declares its purpose as harvesting Telegram Desktop session data tdata directory. The tdata folder contains live authenticate...

5.8AI score
Exploits0References2
OSV
OSV
added 2026/06/28 4:55 p.m.9 views

MAL-2026-6560 Malicious code in tdata-grabber (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9b4c3b37df5e3d08d7bc6ad736e0231ed0dc655640ffdf0dc403f4029ace2787 Package name explicitly declares its purpose as harvesting Telegram Desktop session data tdata directory. The tdata folder contains live authenticate...

5.8AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/17 7:9 a.m.14 views

Malicious code in telegram-lite-grabber (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector aad489fe689e441f3237d052bb24702e3178fca26564e662b060c0a8d01fe5f9 Package is named 'telegram-lite-grabber', a name strongly suggestive of a tool intended to harvest Telegram credentials or session data. No concrete...

6.1AI score
Exploits0References2
Packet Storm News
Packet Storm News
added 2026/05/04 12:0 a.m.10 views

sshprank 1.7.0

sshprank is a fast SSH mass-scanner, login cracker, and banner grabber tool using the python-masscan and shodan modules...

5.8AI score
Exploits0
Snyk
Snyk
added 2026/04/02 9:0 p.m.3 views

Malicious Package

Overview strapi-plugin-locale is a malicious package. This package contains malicious code that conceals a command-and-control agent and credential harvester. A malicious actor published a coordinated campaign of thirty-six packages disguised as community Strapi CMS plugins. These packages aren't...

9.8CVSS6AI score
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/01/15 3:52 p.m.3 views

CVE-2021-47775 YouTube Video Grabber 1.9.9.1 - Buffer Overflow (SEH)

YouTube Video Grabber, now referred to as YouTube Downloader, 1.9.9.1 contains a buffer overflow vulnerability that allows attackers to execute arbitrary code by overwriting the Structured Exception Handler. Attackers can craft a malicious payload of 712 bytes with SEH manipulation to trigger a...

8.4CVSS7.5AI score0.00148EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/01/15 3:52 p.m.31 views

CVE-2021-47775 YouTube Video Grabber 1.9.9.1 - Buffer Overflow (SEH)

YouTube Video Grabber, now referred to as YouTube Downloader, 1.9.9.1 contains a buffer overflow vulnerability that allows attackers to execute arbitrary code by overwriting the Structured Exception Handler. Attackers can craft a malicious payload of 712 bytes with SEH manipulation to trigger a...

8.4CVSS0.00148EPSS
Exploits0References2
Patchstack
Patchstack
added 2025/12/31 12:0 a.m.9 views

WordPress HandL UTM Grabber / Tracker plugin < 2.8.1 - Reflected XSS via utm_source vulnerability

Reflected XSS via utmsource vulnerability discovered by Alex Tselevich nos3curity in WordPress Plugin HandL UTM Grabber versions 2.8.1...

7.1CVSS5.3AI score0.00147EPSS
Exploits0References1Affected Software1
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/12/23 8:22 a.m.5 views

Malicious code in node-calculator-x7k9-grabber (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d6cc05819aa6a1000e0cdbf0a16de8aedc5d4c8be6ddf58c1a4db00890ea075b The package node-calculator-x7k9-grabber was found to contain malicious code...

7AI score
Exploits0
OSV
OSV
added 2025/12/23 8:22 a.m.4 views

MAL-2025-192847 Malicious code in node-calculator-x7k9-grabber (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d6cc05819aa6a1000e0cdbf0a16de8aedc5d4c8be6ddf58c1a4db00890ea075b The package node-calculator-x7k9-grabber was found to contain malicious code...

6.8AI score
Exploits0
Patchstack
Patchstack
added 2025/12/15 6:6 p.m.12 views

WordPress HandL UTM Grabber / Tracker plugin <= 2.8.0 - Reflected Cross-Site Scripting vulnerability

Reflected Cross-Site Scripting vulnerability discovered by Alex Tselevich nos3curity in WordPress Plugin HandL UTM Grabber versions = 2.8.0...

7.1CVSS6.1AI score0.00147EPSS
Exploits0References1Affected Software1
RedhatCVE
RedhatCVE
added 2025/12/11 6:3 a.m.24 views

CVE-2025-13073

The HandL UTM Grabber / Tracker WordPress plugin before 2.8.1 does not sanitize and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

7.1CVSS6AI score0.00147EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/12/11 6:3 a.m.20 views

CVE-2025-13072

The HandL UTM Grabber / Tracker WordPress plugin before 2.8.1 does not sanitize and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

7.1CVSS6AI score0.00147EPSS
Exploits0References1
EUVD
EUVD
added 2025/12/10 6:30 a.m.6 views

EUVD-2025-202398

The HandL UTM Grabber / Tracker WordPress plugin before 2.8.1 does not sanitize and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

7.1CVSS5.6AI score0.00147EPSS
Exploits0References2
NVD
NVD
added 2025/12/10 6:15 a.m.4 views

CVE-2025-13073

The HandL UTM Grabber / Tracker WordPress plugin before 2.8.1 does not sanitize and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

7.1CVSS0.00147EPSS
Exploits0References1
Rows per page
Query Builder