sshprank 1.7.0

sshprank is a fast SSH mass-scanner, login cracker, and banner grabber tool using the python-masscan and shodan modules...

Malicious Package

Overview strapi-plugin-locale is a malicious package. This package contains malicious code that conceals a command-and-control agent and credential harvester. A malicious actor published a coordinated campaign of thirty-six packages disguised as community Strapi CMS plugins. These packages aren't...

CVE-2021-47775 YouTube Video Grabber 1.9.9.1 - Buffer Overflow (SEH)

YouTube Video Grabber, now referred to as YouTube Downloader, 1.9.9.1 contains a buffer overflow vulnerability that allows attackers to execute arbitrary code by overwriting the Structured Exception Handler. Attackers can craft a malicious payload of 712 bytes with SEH manipulation to trigger a...

CVE-2021-47775 YouTube Video Grabber 1.9.9.1 - Buffer Overflow (SEH)

YouTube Video Grabber, now referred to as YouTube Downloader, 1.9.9.1 contains a buffer overflow vulnerability that allows attackers to execute arbitrary code by overwriting the Structured Exception Handler. Attackers can craft a malicious payload of 712 bytes with SEH manipulation to trigger a...

WordPress HandL UTM Grabber / Tracker plugin < 2.8.1 - Reflected XSS via utm_source vulnerability

Reflected XSS via utmsource vulnerability discovered by Alex Tselevich nos3curity in WordPress Plugin HandL UTM Grabber versions 2.8.1...

Malicious code in node-calculator-x7k9-grabber (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d6cc05819aa6a1000e0cdbf0a16de8aedc5d4c8be6ddf58c1a4db00890ea075b The package node-calculator-x7k9-grabber was found to contain malicious code...

MAL-2025-192847 Malicious code in node-calculator-x7k9-grabber (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d6cc05819aa6a1000e0cdbf0a16de8aedc5d4c8be6ddf58c1a4db00890ea075b The package node-calculator-x7k9-grabber was found to contain malicious code...

WordPress HandL UTM Grabber / Tracker plugin <= 2.8.0 - Reflected Cross-Site Scripting vulnerability

Reflected Cross-Site Scripting vulnerability discovered by Alex Tselevich nos3curity in WordPress Plugin HandL UTM Grabber versions = 2.8.0...

CVE-2025-13073

The HandL UTM Grabber / Tracker WordPress plugin before 2.8.1 does not sanitize and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

CVE-2025-13072

The HandL UTM Grabber / Tracker WordPress plugin before 2.8.1 does not sanitize and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

EUVD-2025-202398

The HandL UTM Grabber / Tracker WordPress plugin before 2.8.1 does not sanitize and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

CVE-2025-13073

The HandL UTM Grabber / Tracker WordPress plugin before 2.8.1 does not sanitize and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

CVE-2025-13073

CVE-2025-13073 refers to the HandL UTM Grabber / Tracker WordPress plugin (versions before 2.8.1). The issue is a Reflected Cross‑Site Scripting flaw where a parameter is output without proper sanitization/escaping, enabling an attacker to potentially affect high‑privilege users (e.g., admin). Af...

CVE-2025-13073 HandL UTM Grabber / Tracker < 2.8.1 - Reflected XSS via handl_landing_page

The HandL UTM Grabber / Tracker WordPress plugin before 2.8.1 does not sanitize and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

CVE-2025-13072 HandL UTM Grabber / Tracker < 2.8.1 - Reflected XSS via utm_source

The HandL UTM Grabber / Tracker WordPress plugin before 2.8.1 does not sanitize and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

CVE-2025-13072 HandL UTM Grabber / Tracker < 2.8.1 - Reflected XSS via utm_source

The HandL UTM Grabber / Tracker WordPress plugin before 2.8.1 does not sanitize and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

CVE-2025-13072

The HandL UTM Grabber / Tracker WordPress plugin (versions prior to 2.8.1) is affected by CVE-2025-13072 due to improper sanitization/escaping of a parameter before it is reflected back on the page, enabling a Reflected XSS that could target high-privilege users such as admins. The issue is confi...

WordPress plugin HandL UTM Grabber / Tracker 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plug-in. A security...

WordPress plugin HandL UTM Grabber / Tracker 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plug-in. A security...

Malicious code in blank-lib (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 96f1bcd77950a6cd42af11d0d4fb4ba3d58349cfde6236027341c044e152bfeb This is an infostealer, based on Blank Grabber. It's used as dependency in other malicious packages --- Category: MALICIOUS - The campaign has clearly maliciou...