Dozzle security vulnerability

Dozzle is a small, lightweight application developed by Amir Raminfar as an individual developer. Versions of Dozzle prior to 9.0.3 contained security vulnerabilities. These vulnerabilities stemmed from defects in the Shell endpoints supported by the proxy, which could allow users to obtain...

Exploit for CVE-2026-24061

CVE-2026-24061 Vulnerability Detection and Exploitation Tool...

CVE-2025-49045

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in highwarden Super Interactive Maps super-interactive-maps allows Reflected XSS.This issue affects Super Interactive Maps: from n/a through = 2.3...

Exploit for Code Injection in Lubus Wp_Query_Console

CVE-2024-50498 / 0-Click RCE Exploit - Author: Joshua Provost...

Exploit for Unrestricted Upload of File with Dangerous Type in Webfulcreations Computer_Repair_Shop

CVE-2024-51793 / 0-Click RCE Exploit - Author: Joshua Provost...

CVE-2025-49045

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in highwarden Super Interactive Maps super-interactive-maps allows Reflected XSS.This issue affects Super Interactive Maps: from n/a through = 2.3...

CVE-2025-49045

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in highwarden Super Interactive Maps super-interactive-maps allows Reflected XSS.This issue affects Super Interactive Maps: from n/a through = 2.3...

CVE-2025-49045

CVE-2025-49045 is a WordPress vulnerability in the WordPress plugin Super Interactive Maps (highwarden)

CVE-2025-49045 WordPress Super Interactive Maps plugin <= 2.3 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in highwarden Super Interactive Maps super-interactive-maps allows Reflected XSS.This issue affects Super Interactive Maps: from n/a through = 2.3...

CVE-2025-49045 WordPress Super Interactive Maps plugin <= 2.3 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in highwarden Super Interactive Maps super-interactive-maps allows Reflected XSS.This issue affects Super Interactive Maps: from n/a through = 2.3...

WordPress plugin super-interactive-maps has a cross-site scripting vulnerability

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application plugin. Versions of...

📄 Oracle E-Business Suite CVE-2025-61882 Remote Code Execution

This Metasploit module exploits CVE-2025-61882 in Oracle E-Business Suite by combining server-side request forgery, path traversal, HTTP request smuggling, and XSLT injection. The exploit hosts a malicious XSL file that the target will fetch and process, leading to remote code execution. This...

PT-2026-3968

Name of the Vulnerable Software and Affected Versions highwarden Super Interactive Maps versions through 2.3 Description The software contains a flaw related to improper handling of user-supplied data during web page creation, which can lead to Reflected Cross-site Scripting XSS. This allows an...

AttackMate: Realistic Emulation and Automation of Cyber Attack Scenarios across the Kill Chain

Adversary emulation tools facilitate scripting and automated execution of cyber attack chains, thereby reducing costs and manual expert effort required for security testing, cyber exercises, and intrusion detection research. However, due to the fact that existing tools typically rely on agents...

PT-2026-3219

Name of the Vulnerable Software and Affected Versions net.sourceforge.plantuml:plantuml versions prior to 1.2026.0 Description The software is susceptible to a Stored Cross-Site Scripting XSS issue because of inadequate sanitization of interactive attributes within GraphViz diagrams. A specially...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-004354)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004354 advisory. In PolicyKit aka polkit 0.115, the start time protection mechanism can be bypassed because fork is not atomic, and therefore authorization decisions are improperly...

Spring AI Agentic Patterns (Part 2): AskUserQuestionTool - Agents That Clarify Before Acting

Traditional AI interactions follow a common pattern: you provide a prompt, the AI makes assumptions, and produces a response. When those assumptions don't match your needs, you're left iterating through corrections. Each assumption creates rework—wasting time and context. What if your AI agent...

PlantUML security vulnerabilities

PlantUML is an open-source component that allows for rapid creation of diagrams from textual descriptions. Versions of PlantUML prior to 1.2026.0 contained security vulnerabilities, which stemmed from insufficient cleanup of interactive properties in GraphViz diagrams, potentially leading to...

MiracleLinux 4 : openssh-5.3p1-114.AXS4 (AXSA:2016-145:01)

The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2016-145:01 advisory. SSH Secure SHell is a program for logging into and executing commands on a remote machine. SSH is intended to replace rlogin and rsh, and to provide...

MiracleLinux 4 : libssh2-1.4.2-3.AXS4.1 (AXSA:2019-3922:01)

The remote MiracleLinux 4 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2019-3922:01 advisory. libssh2: Integer overflow in transport read resulting in out of bounds write CVE-2019-3855 libssh2: Integer overflow in keyboard interactive handlin...