Lucene search
K

23 matches found

EUVD
EUVD
added 2026/02/27 9:30 a.m.8 views

EUVD-2025-208134

A flaw was found in the Red Hat Ansible Automation Platform Gateway route creation component. This vulnerability allows credential theft via the creation of misleading routes using a double-slash // prefix in the gatewaypath. A malicious or socially engineered administrator can configure a...

6.7CVSS5.8AI score0.00167EPSS
Exploits0References7
NVD
NVD
added 2026/02/27 8:17 a.m.6 views

CVE-2025-9909

A flaw was found in the Red Hat Ansible Automation Platform Gateway route creation component. This vulnerability allows credential theft via the creation of misleading routes using a double-slash // prefix in the gatewaypath. A malicious or socially engineered administrator can configure a...

6.7CVSS0.00167EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2026/02/27 7:30 a.m.5 views

CVE-2025-9909 Aap-gateway: improper path validation in gateway allows credential exfiltration

A flaw was found in the Red Hat Ansible Automation Platform Gateway route creation component. This vulnerability allows credential theft via the creation of misleading routes using a double-slash // prefix in the gatewaypath. A malicious or socially engineered administrator can configure a...

6.7CVSS5.8AI score0.00167EPSS
Exploits0References6
Cvelist
Cvelist
added 2026/02/27 7:30 a.m.26 views

CVE-2025-9909 Aap-gateway: improper path validation in gateway allows credential exfiltration

A flaw was found in the Red Hat Ansible Automation Platform Gateway route creation component. This vulnerability allows credential theft via the creation of misleading routes using a double-slash // prefix in the gatewaypath. A malicious or socially engineered administrator can configure a...

6.7CVSS0.00167EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 2026/02/27 7:30 a.m.14 views

CVE-2025-9909

A flaw was found in the Red Hat Ansible Automation Platform Gateway route creation component. This vulnerability allows credential theft via the creation of misleading routes using a double-slash // prefix in the gatewaypath. A malicious or socially engineered administrator can configure a...

6.7CVSS5.8AI score0.00167EPSS
Exploits0References7
CVE
CVE
added 2026/02/27 7:30 a.m.15 views

CVE-2025-9909

The CVE-2025-9909 issue affects Red Hat Ansible Automation Platform Gateway route creation: improper gateway_path handling allows an attacker with admin privileges to create misleading routes (double-slash prefix) to intercept credentials, potentially enabling persistent backdoors. It is describe...

6.7CVSS5.8AI score0.00167EPSS
Exploits0References6Affected Software3
Positive Technologies
Positive Technologies
added 2026/02/27 12:0 a.m.10 views

PT-2025-54839

A flaw was found in the Red Hat Ansible Automation Platform Gateway route creation component. This vulnerability allows credential theft via the creation of misleading routes using a double-slash // prefix in the gateway path. A malicious or socially engineered administrator can configure a...

6.7CVSS5.8AI score0.00167EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2025/12/10 6:0 p.m.7 views

aap-gateway: Improper Path Validation in Gateway Allows Credential Exfiltration

A flaw was found in the Red Hat Ansible Automation Platform Gateway route creation component. This vulnerability allows credential theft via the creation of misleading routes using a double-slash // prefix in the gatewaypath. A malicious or socially engineered administrator can configure a...

6.7CVSS5.7AI score0.00167EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2025/11/19 3:51 p.m.3 views

aap-gateway: Improper Path Validation in Gateway Allows Credential Exfiltration

A flaw was found in the Red Hat Ansible Automation Platform Gateway route creation component. This vulnerability allows credential theft via the creation of misleading routes using a double-slash // prefix in the gatewaypath. A malicious or socially engineered administrator can configure a...

6.7CVSS5.7AI score0.00167EPSS
Exploits0References4
EUVD
EUVD
added 2025/11/18 9:30 a.m.5 views

EUVD-2025-197934

The Project Honey Pot Spam Trap plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0.1. This is due to missing or incorrect nonce validation on the printAdminPage function. This makes it possible for unauthenticated attackers to update setting...

6.1CVSS4.9AI score0.00127EPSS
Exploits0References5
NVD
NVD
added 2025/11/18 9:15 a.m.19 views

CVE-2025-12406

The Project Honey Pot Spam Trap plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0.1. This is due to missing or incorrect nonce validation on the printAdminPage function. This makes it possible for unauthenticated attackers to update setting...

6.1CVSS0.00127EPSS
Exploits0References4
CNNVD
CNNVD
added 2025/11/18 12:0 a.m.3 views

WordPress plugin Project Honey Pot Spam Trap 跨站请求伪造漏洞

WordPress and WordPress plugin are products of the WordPress Foundation, a blogging platform developed in the PHP language. WordPress is a blogging platform developed using the PHP language, which provides the ability to host a personal blog site on a PHP and MySQL based server.WordPress plugin i...

6.1CVSS6.3AI score0.00127EPSS
Exploits0References4
Patchstack
Patchstack
added 2025/11/17 10:44 p.m.7 views

WordPress Project Honey Pot Spam Trap plugin <= 1.0.1 - Cross-Site Request Forgery to Stored Cross-Site Scripting vulnerability

Cross-Site Request Forgery to Stored Cross-Site Scripting vulnerability discovered by johska in WordPress Plugin Project Honey Pot Spam Trap versions = 1.0.1...

6.1CVSS5.9AI score0.00127EPSS
Exploits0References1Affected Software1
RedhatCVE
RedhatCVE
added 2025/09/07 2:32 p.m.4 views

CVE-2025-58855

Improper Neutralization of Formula Elements in a CSV File vulnerability in Denis V Artprima AP HoneyPot WordPress Plugin ap-honeypot allows Reflected XSS.This issue affects AP HoneyPot WordPress Plugin: from n/a through = 1.4...

7.1CVSS5.9AI score0.00219EPSS
Exploits0References1
CVE
CVE
added 2025/09/05 1:45 p.m.17 views

CVE-2025-58855

CVE-2025-58855 affects AP HoneyPot WordPress Plugin (Versions up to 1.4). Public records describe an improper neutralization of formula elements in a CSV file leading to reflected XSS, and related sources also flag a CSRF vulnerability in the plugin’s CSRF handling. The combination implies an imp...

7.1CVSS5.9AI score0.00219EPSS
Exploits0References1
Circl
Circl
added 2024/12/27 12:0 a.m.46 views

CVE-2018-18852

creationtimestamp| type| source ---|---|--- 2024-12-27 00:00:00+00:00| seen| The Shadowserver honeypot/common-vulnerabilities - 2024-12-27 2025-01-05 00:00:00+00:00| seen| The Shadowserver honeypot/common-vulnerabilities - 2025-01-05 2025-01-07 00:00:00+00:00| seen| The Shadowserver...

9CVSS7.2AI score0.63797EPSS
In wildExploits0References3
Kitploit
Kitploit
added 2021/01/15 8:30 p.m.59 views

Ssh-Mitm - Ssh Mitm Server For Security Audits Supporting Public Key Authentication, Session Hijacking And File Manipulation

ssh-mitm is an intercepting mitm proxy server for security audits. Redirect/mirror Shell to anotherssh client supported in 0.2.8 Replace File in SCP supported in 0.2.6 Replace File in SFTP supported in 0.2.3 Transparent proxy support in 0.2.2! - intercepting traffic to other hosts is now possible...

7.7AI score
Exploits0References1
Circl
Circl
added 2018/05/29 3:50 p.m.15 views

CVE-2017-12149

creationtimestamp| type| source ---|---|--- 2018-05-29 15:50:33+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/scanner/http/jbossvulnscan.rb 2018-12-11 15:50:28+00:00| seen| MISP/5c0fd6cc-f868-4dca-890c-1ea30a021402 2023-06-14 21:10:03+00:00| seen|...

9.8CVSS7.5AI score0.90713EPSS
In wildExploits14References11
Kitploit
Kitploit
added 2017/12/03 9:30 p.m.53 views

HonSSH - Log all SSH communications between a client and server

HonSSH is a high-interaction Honey Pot solution. HonSSH will sit between an attacker and a honey pot, creating two separate SSH connections between them. Features Captures all connection attempts to a text file, database or email alerts. When an attacker sends a password guess, HonSSH can...

7.3AI score
Exploits0References7
The Hacker News
The Hacker News
added 2011/11/13 9:23 p.m.4 views

SAHER HoneyNet : A Tunisian Honeynet Project

SAHER HoneyNet : A Tunisian Honeynet Project A honeynet is a network set up with intentional vulnerabilities; its purpose is to invite attack, so that an attacker's activities and methods can be studied and that information used to increase network security. A honeynet contains one or more honey...

7.1AI score
Exploits0
Rows per page
Query Builder