CVE-2025-49045

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in highwarden Super Interactive Maps super-interactive-maps allows Reflected XSS.This issue affects Super Interactive Maps: from n/a through = 2.3...

Exploit for Code Injection in Lubus Wp_Query_Console

CVE-2024-50498 / 0-Click RCE Exploit - Author: Joshua Provost...

Exploit for Unrestricted Upload of File with Dangerous Type in Webfulcreations Computer_Repair_Shop

CVE-2024-51793 / 0-Click RCE Exploit - Author: Joshua Provost...

CVE-2025-49045

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in highwarden Super Interactive Maps super-interactive-maps allows Reflected XSS.This issue affects Super Interactive Maps: from n/a through = 2.3...

CVE-2025-49045

CVE-2025-49045 is a WordPress vulnerability in the WordPress plugin Super Interactive Maps (highwarden)

CVE-2025-49045 WordPress Super Interactive Maps plugin <= 2.3 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in highwarden Super Interactive Maps super-interactive-maps allows Reflected XSS.This issue affects Super Interactive Maps: from n/a through = 2.3...

CVE-2025-49045

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in highwarden Super Interactive Maps super-interactive-maps allows Reflected XSS.This issue affects Super Interactive Maps: from n/a through = 2.3...

CVE-2025-49045 WordPress Super Interactive Maps plugin <= 2.3 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in highwarden Super Interactive Maps super-interactive-maps allows Reflected XSS.This issue affects Super Interactive Maps: from n/a through = 2.3...

PT-2026-3968

Name of the Vulnerable Software and Affected Versions highwarden Super Interactive Maps versions through 2.3 Description The software contains a flaw related to improper handling of user-supplied data during web page creation, which can lead to Reflected Cross-site Scripting XSS. This allows an...

WordPress plugin super-interactive-maps has a cross-site scripting vulnerability

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application plugin. Versions of...

📄 Oracle E-Business Suite CVE-2025-61882 Remote Code Execution

This Metasploit module exploits CVE-2025-61882 in Oracle E-Business Suite by combining server-side request forgery, path traversal, HTTP request smuggling, and XSLT injection. The exploit hosts a malicious XSL file that the target will fetch and process, leading to remote code execution. This...

AttackMate: Realistic Emulation and Automation of Cyber Attack Scenarios across the Kill Chain

Adversary emulation tools facilitate scripting and automated execution of cyber attack chains, thereby reducing costs and manual expert effort required for security testing, cyber exercises, and intrusion detection research. However, due to the fact that existing tools typically rely on agents...

Spring AI Agentic Patterns (Part 2): AskUserQuestionTool - Agents That Clarify Before Acting

Traditional AI interactions follow a common pattern: you provide a prompt, the AI makes assumptions, and produces a response. When those assumptions don't match your needs, you're left iterating through corrections. Each assumption creates rework—wasting time and context. What if your AI agent...

PT-2026-3219

Name of the Vulnerable Software and Affected Versions net.sourceforge.plantuml:plantuml versions prior to 1.2026.0 Description The software is susceptible to a Stored Cross-Site Scripting XSS issue because of inadequate sanitization of interactive attributes within GraphViz diagrams. A specially...

PlantUML security vulnerabilities

PlantUML is an open-source component that allows for rapid creation of diagrams from textual descriptions. Versions of PlantUML prior to 1.2026.0 contained security vulnerabilities, which stemmed from insufficient cleanup of interactive properties in GraphViz diagrams, potentially leading to...

MiracleLinux 4 : libssh2-1.4.2-3.AXS4.1 (AXSA:2019-3922:01)

The remote MiracleLinux 4 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2019-3922:01 advisory. libssh2: Integer overflow in transport read resulting in out of bounds write CVE-2019-3855 libssh2: Integer overflow in keyboard interactive handlin...

MiracleLinux 4 : openssh-5.3p1-114.AXS4 (AXSA:2016-145:01)

The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2016-145:01 advisory. SSH Secure SHell is a program for logging into and executing commands on a remote machine. SSH is intended to replace rlogin and rsh, and to provide...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-004354)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004354 advisory. In PolicyKit aka polkit 0.115, the start time protection mechanism can be bypassed because fork is not atomic, and therefore authorization decisions are improperly...

CVE-2025-63314

A static password reset token in the password reset function of DDSN Interactive Acora CMS v10.7.1 allows attackers to arbitrarily reset the user password and execute a full account takeover via a replay attack...

odfs_rce_poc

Online Discussion Forum Site 1.0 - Remote Code Execution PoC...