21 matches found

Positive Technologies
added 2026/05/08 12:0 a.m. · 6 views

PT-2026-39138

Name of the Vulnerable Software and Affected Versions: Brave CMS versions prior to commit 6c56603 Description: Page and article body content entered through the CKEditor rich-text editor is stored verbatim in the database and rendered using Laravel Blade's unescaped output directive {!! !!}. This...

CVSS 8.7 · AI score 5.8 · EPSS 0.00033
Exploits: 0 · References: 5

Positive Technologies
added 2025/12/10 12:0 a.m. · 1 views

PT-2025-50557

Name of the Vulnerable Software and Affected Versions: Cybersecurity AI CAI versions 0.5.9 and below Description: Cybersecurity AI CAI is an open-source framework for building and deploying AI-powered offensive and defensive automation. The run ssh command with credentials function is susceptible t...

CVSS 9.6 · AI score 6.8 · EPSS 0.00114
Exploits: 1 · References: 11

NVD
added 2025/10/20 3:15 p.m. · 4 views

CVE-2025-57738

Apache Syncope offers the ability to extend / customize the base behavior on every deployment by allowing to provide custom implementations of a few Java interfaces; such implementations can be provided either as Java or Groovy classes, with the latter being particularly attractive as the machine...

CVSS 7.2 · EPSS 0.00106
Exploits: 0 · References: 2

Positive Technologies
added 2024/05/22 12:0 a.m. · 1 views

PT-2024-33688 · WordPress · Wpkoi Templates For Elementor

Name of the Vulnerable Software and Affected Versions: WPKoi Templates for Elementor plugin for WordPress versions up to, and including, 2.5.9 Description: The issue is related to Stored Cross-Site Scripting due to insufficient input sanitization and output escaping. This allows authenticated...

CVSS 6.4 · AI score 6 · EPSS 0.00361
Exploits: 0 · References: 8

Cvelist
added 2023/10/24 8:56 p.m. · 41 views

CVE-2023-5752 Mercurial configuration injectable in repo revision when installing via pip

When installing a package from a Mercurial VCS URL (i.e. "pip install hg+...") with pip prior to v23.3, the specified Mercurial revision could be used to inject arbitrary configuration options to the "hg clone" call (i.e. "--config"). Controlling the Mercurial configuration can modify how and which...

CVSS 5.5 · AI score 6 · EPSS 0.00075
Exploits: 0 · References: 7

Vulnrichment
added 2023/10/24 8:56 p.m. · 23 views

CVE-2023-5752 Mercurial configuration injectable in repo revision when installing via pip

When installing a package from a Mercurial VCS URL (i.e. "pip install hg+...") with pip prior to v23.3, the specified Mercurial revision could be used to inject arbitrary configuration options to the "hg clone" call (i.e. "--config"). Controlling the Mercurial configuration can modify how and which...

CVSS 5.5 · AI score 5 · EPSS 0.00075
Exploits: 0 · References: 7

NCSC
added 2021/06/29 12:0 a.m. · 2 views

InjectaBLE vulnerability discovered in Bluetooth Low Energy (BLE)

Researchers at the LAAS-CNRS laboratory have demonstrated the ability to obtain full man-in-the-middle status between two Bluetooth Low Energy (BLE) devices that have an unencrypted connection. The man-in-the-middle attack does not work on encrypted connections. However, it is...

CVSS 5.3 · AI score 6.7 · EPSS 0.00246
Exploits: 0

Hacker One
added 2021/01/01 4:1 a.m. · 379 views

MTN Group: Reflected XSS on gamesclub.mtn.com.g

hello dear I have found Reflected XSS on gamesclub.mtn.com.g parameters injectable /header.aspx my payload "; HTTP Header input Referer was set to https://www.google.com/search?hl=en&q=testing'"&%gQmT9082 HTTP request =========== GET /header.aspx HTTP/1.1 Host: gamesclub.mtn.com.gh...

AI score 0.1
Exploits: 0

CVE
added 2020/11/13 4:0 p.m. · 113 views

CVE-2020-26222

CVE-2020-26222 affects Dependabot-Core (multiple package managers) where a source branch name containing malicious injectable bash code could trigger remote code execution during cloning. The vulnerability exists in dependabot-common and dependabot-go_modules for Dependabot-Core versions from 0.1...

CVSS 8.8 · AI score 8.9 · EPSS 0.00477
Exploits: 1 · References: 3 · Affected Software: 1

OpenVAS
added 2017/12/11 12:0 a.m. · 142 views

Teamviewer Session Hijacking Vulnerability

Teamviewer is vulnerable to session hijacking. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:teamviewer:teamviewer";...

AI score 7.3
Exploits: 0 · References: 1

seebug.org
added 2013/11/25 12:0 a.m. · 12 views

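Destoon: injection still possible in all versions after the latest 20131010 patch

Brief description: After the latest Destoon 20131010 patch, all versions remain injectable. Details: The problem is the vulnerability in api/js.php. I was busy with work this week, so someone else submitted it first and the official patch is already out. I downloaded the patch and found that the official fix is rather sloppy; it does not understand the essence of the vulnerability, and it can be bypassed for injection again within minutes. I suggest the vendor think carefully about the root cause of this vulnerability. Proof of vulnerability: stripsql filters the string union, but in practice this can be bypassed. Because the referer needs to be forged, the exploitation is done with a script written in PHP; the paths in it need to be adjusted to the actual situation. In the POC, the host parameter is the domain name (localhost for local testing) and the ver parameter is the version; it contains exploit code for versions 3, 4 and 5....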

AI score 7.1
Exploits: 0

Kitploit
added 2013/11/04 3:15 a.m. · 68 views

[Laudanum] Collection of injectable files

Laudanum is a collection of injectable files, designed to be used in a pentest when SQL injection flaws are found and are in multiple languages for different environments. They provide functionality such as shell, DNS query, LDAP retrieval and others. Download Laudanum...

AI score 10
Exploits: 0

0day.today
added 2012/05/27 12:0 a.m. · 14 views

b2ePMS 1.0 multiple SQLi Vulnerabilities

Exploit for php platform in category web applications Title: b2ePMS 1.0 multiple SQLi Vulnerabilities Version: 1.0 Author/Found by: loneferret Manufacturer/Software link: https://developer.berlios.de/projects/b2epms/ Other vulnerability: http://www.exploit-db.com/exploits/18882/ Date found: May...

AI score 7.1
Exploits: 0

Exploit DB
added 2012/01/18 12:0 a.m. · 537 views

DZCP (deV!L`z Clanportal) Gamebase Addon - SQL Injection

Title: deV!Lz Clanportal Gamebase Addon SQL Injection Vulnerability | Author: Easy Laster | Download: http://www.modsbar.de/Addons/464/gamebase-addon/ | Script: deV!Lz Clanportal Gamebase Addon | Price :...

AI score 7.4
Exploits: 0

Tenable Nessus
added 2010/07/26 12:0 a.m. · 467 views

CGI Generic Injectable Parameter

Nessus was able to inject innocuous strings into CGI parameters and read them back in the HTTP response. The affected parameters are candidates for extended injection tests like cross-site scripting attacks. This is not a weakness per se, the main purpose of this test is to speed up other...

AI score 5.1
Exploits: 0

Packet Storm
added 2010/01/14 12:0 a.m. · 17 views

Zenoss 2.3.3 SQL Injection

nGenuity Information Services -- Security Advisory Advisory ID: NGENUITY-2010-001 - Zenoss getJSONEventsInfo SQL Injection Application: Zenoss 2.3.3 Vendor: Zenoss Vendor website: http://www.zenoss.com Author: Adam Baldwin [email protected] Authentication: Valid user or admin session...

AI score 7.4
Exploits: 0

exploitpack
added 2009/09/01 12:0 a.m. · 14 views

phpBB3 - addon prime_quick_style GetAdmin

phpBB3 - addon prime_quick_style GetAdmin phpBB3 addon prime_quick_style GetAdmin Exploit Vulnerability found and exploited by -SmoG- target file: prime_quick_style.php vuln: POST parameter "prime_quick_style" is injectable. source: http://www.phpbb.com/community/viewtopic.php?f=70&t=692625 HowTo: after...

AI score 7.4
Exploits: 0

Exploit DB
added 2009/09/01 12:0 a.m. · 53 views

phpBB3 - addon prime_quick_style GetAdmin

phpBB3 addon prime_quick_style GetAdmin Exploit Vulnerability found and exploited by -SmoG- target file: prime_quick_style.php vuln: POST parameter "prime_quick_style" is injectable. source: http://www.phpbb.com/community/viewtopic.php?f=70&t=692625 HowTo: after login, go to "./ucp.php" and manipulate...

AI score 7.4
Exploits: 0

seebug.org
added 2009/09/01 12:0 a.m. · 20 views

phpBB3 addon prime_quick_style GetAdmin Vulnerability

No description provided by source. phpBB3 addon prime_quick_style GetAdmin Exploit Vulnerability found and exploited by -SmoG- target file: prime_quick_style.php vuln: POST parameter "prime_quick_style" is injectable. source: http://www.phpbb.com/community/viewtopic.php?f=70&t=692625 HowTo: after login...

AI score 7.1
Exploits: 0

0day.today
added 2009/09/01 12:0 a.m. · 17 views

phpBB3 addon prime_quick_style GetAdmin Vulnerability

Exploit for unknown platform in category web applications phpBB3 addon prime_quick_style GetAdmin Vulnerability phpBB3 addon prime_quick_style GetAdmin Exploit Vulnerability found and exploited...

AI score 7.1
Exploits: 0