Lucene search
K

1625 matches found

Nuclei
Nuclei
added 9 hours ago18 views

PrestaShop lgcookieslaw - SQL Injection

The EU Cookie Law GDPR Banner + Blocker PrestaShop module before 2.1.3 allows blind SQL injection via the lglaw or lgcookieslaw cookie used to store user consent choices. id: CVE-2022-44727 info: name: PrestaShop lgcookieslaw - SQL Injection author: mastercho severity: critical description: | The...

9.1CVSS7.2AI score0.02397EPSS
Exploits1References3
The Hacker News
The Hacker News
added 2026/06/24 3:59 p.m.7 views

Amadey and StealC Malware Network Disrupted, 27M Stolen Credentials Recovered

A coordinated law enforcement operation, in partnership with private sector companies, including Bitdefender, Bitsight, ESET, and Microsoft, has resulted in the takedown of criminal infrastructure powering Amadey and StealC. "The main common goal was to disrupt the 'assembly lines' cybercriminals...

5.8AI score
Exploits0
The Hacker News
The Hacker News
added 2026/06/19 3:7 p.m.18 views

Operation Endgame Disrupts SocGholish Servers, Cleans 14,971 WordPress Sites

Dutch law enforcement authorities, along with counterparts from Canada , Germany, and the U.S., have disrupted malicious infrastructure associated with SocGholish and cleaned up nearly 15,000 infected WordPress websites. "With these actions we deprive cybercriminals of access to infected computer...

5.9AI score
Exploits0
The Hacker News
The Hacker News
added 2026/06/12 6:59 p.m.15 views

Google Sues Chinese Smishing Network Accused of Using Gemini AI in Phishing

Google on Friday said it's pursuing legal action against a Chinese cybercrime network, accusing it of using its Gemini artificial intelligence AI agent to send phishing text messages targeting Americans. The network is said to be behind the development and management of a phishing-as-a-service...

5.8AI score
Exploits0
The Hacker News
The Hacker News
added 2026/06/12 6:38 a.m.15 views

Europol Disrupts AudiA6 Crypto Laundering Service Used by Ransomware Gangs

Authorities in Europe have disrupted AudiA6 , a cryptocurrency laundering service used by ransomware gangs and cybercriminal networks. Europol, in a statement issued Thursday, said the dismantling of AudiA6 cut off a "key financial pipeline used to wash hundreds of millions in illicit profits." T...

5.6AI score
Exploits0
HackRead
HackRead
added 2026/06/08 1:40 p.m.14 views

Silent Ransom Group Uses Fast Flux Botnet to Hide Law Firm Leak Sites

Cybersecurity firm Resecurity reports Silent Ransom Group is using a fast flux botnet to hide data leak sites while targeting law firms with theft and vishing...

5.5AI score
Exploits0
The Hacker News
The Hacker News
added 2026/06/04 6:6 a.m.13 views

DoJ Disrupts Southeast Asia Crypto Fraud Networks, Freezes $3.8 Million in Assets

The U.S. Department of Justice DoJ on Wednesday announced the results of a sweeping action undertaken by government authorities and private sector companies to combat cyber-enabled and cryptocurrency fraud targeting Americans. The "Disruption Week" operation began May 18, 2026, leading to the...

5.9AI score
Exploits0
OSV
OSV
added 2026/06/03 4:11 p.m.7 views

DRUPAL-CONTRIB-2026-040

This module enables sites to comply with the European cookie law using tarteaucitron.js. The module doesn't sufficiently filter user-supplied markup inside of content leading to an attacker being able to delete arbitrary cookies. This vulnerability is mitigated by the fact that an attacker needs ...

5.9AI score
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/03 12:0 a.m.11 views

PT-2026-46080

This module enables sites to comply with the European cookie law using tarteaucitron.js. The module doesn't sufficiently filter user-supplied markup inside of content leading to an attacker being able to delete arbitrary cookies. This vulnerability is mitigated by the fact that an attacker needs ...

5.9AI score
Exploits0References2
Drupal
Drupal
added 2026/06/03 12:0 a.m.13 views

TacJS - Moderately critical - Improper Access Control - SA-CONTRIB-2026-040

This module enables sites to comply with the European cookie law using tarteaucitron.js. The module doesn't sufficiently filter user-supplied markup inside of content leading to an attacker being able to delete arbitrary cookies. This vulnerability is mitigated by the fact that an attacker needs ...

5.9AI score
Exploits0References2
Wired Threat Level
Wired Threat Level
added 2026/05/26 9:30 a.m.13 views

US Law Enforcement Warns of ‘Anti-Tech Extremism’ as AI Hatred Grows

As Americans stew over the looming risk of job-stealing AI and data centers in their back yards, the feds are raising the alarm about a new category of threat, documents obtained by WIRED show...

5.8AI score
Exploits0
The Hacker News
The Hacker News
added 2026/05/22 5:35 p.m.19 views

First VPN Dismantled in Global Takedown Over Use by 25 Ransomware Groups

Authorities in Europe and North America have announced the dismantling of a criminal virtual private network VPN service used by criminal actors to obscure the origins of ransomware attacks, data theft, scanning, and denial-of-service attacks. Codenamed Operation Saffron, the disruption of First...

5.9AI score
Exploits0
The Hacker News
The Hacker News
added 2026/05/22 8:50 a.m.18 views

Kimwolf DDoS Botnet Operator Arrested in Canada Over DDoS-for-Hire Attacks

The U.S. Department of Justice DoJ on Thursday announced the arrest of a Canadian man in connection with allegedly operating a distributed denial-of-service DDoS botnet known as Kimwolf. In tandem, Jacob Butler aka Dort, 23, Ottawa, Canada, has been charged with offenses related to the developmen...

5.8AI score
Exploits0
Rapid7 Blog
Rapid7 Blog
added 2026/05/21 1:0 p.m.10 views

Rapid7 Quarterly Threat Landscape Report: Zero-clicks, geopolitical tensions, and some wins for law enforcement

The first quarter of 2026 reinforced that attackers are moving faster, operating with greater coordination, and exploiting weaknesses before most organizations can respond effectively. From escalating geopolitical tensions to increasingly aggressive ransomware operations, the latest quarterly...

5.5AI score
Exploits0
NVD
NVD
added 2026/05/16 4:16 p.m.10 views

CVE-2021-47957

Cookie Law Bar 1.2.1 contains a stored cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts by submitting unsanitized input to the Bar Message field. Attackers can inject script payloads through the plugin settings page that execute in the browsers of...

6.4CVSS0.00197EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/05/16 3:26 p.m.35 views

CVE-2021-47957 WordPress Plugin Cookie Law Bar 1.2.1 Stored XSS via clb_bar_msg

Cookie Law Bar 1.2.1 contains a stored cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts by submitting unsanitized input to the Bar Message field. Attackers can inject script payloads through the plugin settings page that execute in the browsers of...

6.4CVSS0.00197EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/05/16 3:26 p.m.9 views

CVE-2021-47957 WordPress Plugin Cookie Law Bar 1.2.1 Stored XSS via clb_bar_msg

Cookie Law Bar 1.2.1 contains a stored cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts by submitting unsanitized input to the Bar Message field. Attackers can inject script payloads through the plugin settings page that execute in the browsers of...

6.4CVSS5.7AI score0.00197EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/05/16 3:26 p.m.5 views

CVE-2021-47957

Cookie Law Bar 1.2.1 contains a stored cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts by submitting unsanitized input to the Bar Message field. Attackers can inject script payloads through the plugin settings page that execute in the browsers of...

6.4CVSS5.7AI score0.00197EPSS
Exploits0References4Affected Software1
EUVD
EUVD
added 2026/05/16 3:26 p.m.11 views

EUVD-2021-34825

Cookie Law Bar 1.2.1 contains a stored cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts by submitting unsanitized input to the Bar Message field. Attackers can inject script payloads through the plugin settings page that execute in the browsers of...

6.4CVSS5.7AI score0.00197EPSS
Exploits0References4
CVE
CVE
added 2026/05/16 3:26 p.m.17 views

CVE-2021-47957

The vulnerability affects the WordPress plugin Cookie Law Bar (version 1.2.1). It is a stored XSS in the Bar Message field (parameter clb_bar_msg) that can be exploited by an authenticated attacker to inject scripts via the plugin settings page, with the payload executing in the browsers of all s...

6.4CVSS5.7AI score0.00197EPSS
Exploits0References4
Rows per page
Query Builder