6 matches found
Malicious code in tempo-modules (npm)
Source: amazon-inspector 6ad4276e2eafbe6d7040f94ac546ec20e7ac211e1e5906964c25f581a519d183 [email protected] is a dependency-confusion attack package. The package.json preinstall hook executes poc.js, which on every npm install harvests...
CVE-2023-36474
Interactsh is an open-source tool for detecting out-of-band interactions. Domains configured with interactsh server prior to version 1.0.0 were vulnerable to subdomain takeover for a specific subdomain, i.e. app. Interactsh server used to create CNAME entries for app pointing to...
Arbitrary File Read/Write
github.com/projectdiscovery/interactsh is vulnerable to Arbitrary File Read/Write. The vulnerability is due to improper SMB server restrictions, which allow an attacker to read/write any files in the directory and subdirectories of where the victim runs interactsh-server via anonymous login...
GHSA-M36X-MGFH-8G78 Subdomain Takeover in Interactsh server
A domain configured with interactsh server was vulnerable to subdomain takeover for a specific subdomain, i.e. app. Interactsh server before 1.0.0 used to create CNAME entries for app pointing to projectdiscovery.github.io as default, which was intended to be used for hosting the interactsh web client using GitH...
Subdomain Takeover in Interactsh server
A domain configured with interactsh server was vulnerable to subdomain takeover for a specific subdomain, i.e. app. Interactsh server before 1.0.0 used to create CNAME entries for app pointing to projectdiscovery.github.io as default, which was intended to be used for hosting the interactsh web client using GitH...
PT-2022-28160 · Projectdiscovery · Interactsh Server
Name of the Vulnerable Software and Affected Versions: Interactsh server versions prior to 1.0.0 Description: Interactsh is an open-source tool for detecting out-of-band interactions. Domains configured with interactsh server prior to version 1.0.0 were vulnerable to subdomain takeover for a...