70 matches found
Malicious code in watch-knock-at-2023-cabin-online-streaming-at-home (npm)
--- -= Per source details. Do not edit below this line.=-...
Knock Knock plugin Open redirection vulnerability
The Knock Knock plugin before 1.2.8 for Craft CMS allows malicious redirection...
GHSA-M69R-4H68-XQ7J Knock Knock plugin Open redirection vulnerability
The Knock Knock plugin before 1.2.8 for Craft CMS allows malicious redirection...
Knock Knock plugin IP Whitelist bypass via an X-Forwarded-For HTTP header
The Knock Knock plugin before 1.2.8 for Craft CMS allows IP Whitelist bypass via an X-Forwarded-For HTTP header...
GHSA-WXVR-QQM7-6H65 Knock Knock plugin IP Whitelist bypass via an X-Forwarded-For HTTP header
The Knock Knock plugin before 1.2.8 for Craft CMS allows IP Whitelist bypass via an X-Forwarded-For HTTP header...
Knock Knock Input Validation Error Vulnerability
Pixel & Tonic Craft CMS is the United States Pixel & Tonic company's set of content management system CMS.Knock Knock is one of the access rights management plugin. A security vulnerability exists in Knock Knock versions prior to 1.2.8 for Pixel & Tonic Craft CMS. An attacker can exploit this...
Knock Knock Security Restriction Bypass Vulnerability
Pixel & Tonic Craft CMS is the United States Pixel & Tonic company's set of content management system CMS.Knock Knock is one of the access rights management plugin. A security vulnerability exists in Knock Knock versions prior to 1.2.8 for Pixel & Tonic Craft CMS. The vulnerability can be exploit...
CVE-2020-13485
The Knock Knock plugin before 1.2.8 for Craft CMS allows IP Whitelist bypass via an X-Forwarded-For HTTP header...
CVE-2020-13485
The Knock Knock plugin before 1.2.8 for Craft CMS allows IP Whitelist bypass via an X-Forwarded-For HTTP header...
CVE-2020-13486
The Knock Knock plugin before 1.2.8 for Craft CMS allows malicious redirection...
Design/Logic Flaw
The Knock Knock plugin before 1.2.8 for Craft CMS allows IP Whitelist bypass via an X-Forwarded-For HTTP header...
Information disclosure
The Knock Knock plugin before 1.2.8 for Craft CMS allows malicious redirection...
CVE-2020-13485
The Knock Knock plugin before 1.2.8 for Craft CMS allows IP Whitelist bypass via an X-Forwarded-For HTTP header...
CVE-2020-13485
The Knock Knock plugin for Craft CMS is affected up to version 1.2.7 (pre-1.2.8). The root cause is a flawed IP whitelisting mechanism that trusts the X-Forwarded-For header, allowing an attacker to bypass IP-based access controls. Impact: potential unauthorized access due to bypassed whitelist; ...
CVE-2020-13486
CVE-2020-13486 affects the Knock Knock plugin for Craft CMS (versions before 1.2.8). The root cause is an open redirection vulnerability arising from insufficient validation of redirect parameters, as documented by multiple sources in the connected records. The impact is malicious redirection; ex...
CVE-2020-13486
The Knock Knock plugin before 1.2.8 for Craft CMS allows malicious redirection...
Domained - Multi Tool Subdomain Enumeration
A domain name enumeration tool The tools contained in domained requires Kali Linux preferred or Debian 7+ and Recon-ng domained uses several subdomain enumeration tools and wordlists to create a unique list of subdomains that are passed to EyeWitness for reporting with categorized screenshots,...
DLL Hijacking Vulnerability in Knock Knock pc Client Software
Jingdongdong is the official communication platform between customers, merchants and Jingdong, providing a channel for customers and merchants to give feedback. A DLL hijacking vulnerability exists in the Knockturn pc client software, which can be exploited by an attacker to inject an executable...
Rock-ON - An All In One Recon Tool That Will Just Get A Single Entry Of The Domain Name And Do All Of The Work Alone
Rock-On is a all in one recon tool that will help your Recon process give a boost. It is mainley aimed to automate the whole process of recon and save the time that is being wasted in doing all this stuffs manually. A thorough blog will be up in sometime. Stay tuned for the Stable version with a...
DHS Urges Vigilance in Protecting Networking Gear
After a summer of high-profile attacks and disclosures centered around enterprise network infrastructure, the Department of Homeland Security on Tuesday put out an alert explaining some of the tactics used by advanced attackers, and urged special caution in maintaining supply chain integrity. The...