170 matches found
CVE-2026-25924
Kanboard is project management software focused on Kanban methodology. Prior to 1.2.50, a security control bypass vulnerability in Kanboard allows an authenticated administrator to achieve full Remote Code Execution RCE. Although the application correctly hides the plugin installation interface...
📄 LimeSurvey 5.2.4 Remote Code Execution
Proof of concept exploit for LimeSurvey version 5.2.4 that loads a malicious PHP plugin and executes a reverse shell. ============================================================================================================================================= | Title : LimeSurvey 5.2.4 reverse...
Notepad++ Plugin Persistence
This module create persistence by adding a malicious plugin to Notepad++, as it blindly loads and executes DLL from its plugin directory on startup, meaning that the payload will be executed every time Notepad++ is launched. Module Options msf use exploit/windows/persistence/notepadppplugin msf...
CVE-2022-42123
A Zip slip vulnerability in the Elasticsearch Connector in Liferay Portal 7.3.3 through 7.4.3.18, and Liferay DXP 7.3 before update 6, and 7.4 before update 19 allows attackers to create or overwrite existing files on the filesystem via the installation of a malicious Elasticsearch Sidecar plugin...
📄 Figma Desktop Application 125.6.5 Remote Code Execution
Figma Desktop Application version 125.6.5 proof of concept remote code execution exploit that leverages the plugin manifest. ============================================================================================================================================= | Title : Figma Desktop...
Use Of Hard-coded Cryptographic Key
AstrBot is vulnerable to the Use of Hard-coded Cryptographic Key. The vulnerability is due to the presence of a hard-coded signing key in the application, which allows an attacker to forge tokens and execute arbitrary commands by installing a malicious plugin...
WordPress AI Engine Plugin MCP Unauthenticated Admin Creation to RCE
This module exploits an unauthenticated vulnerability in the WordPress AI Engine plugin versions use exploit/multi/http/wpaienginemcprce msf exploitwpaienginemcprce show targets ...targets... msf exploitwpaienginemcprce set TARGET msf exploitwpaienginemcprce show options ...show and set options...
Notepad++ Plugin Persistence
This Metasploit module create persistence by adding a malicious plugin to Notepad++, as it blindly loads and executes DLL from its plugin directory on startup, meaning that the payload will be executed every time Notepad++ is launched...
Use of Hard-coded Credentials
Overview AstrBot is a 易上手的多平台 LLM 聊天机器人及开发框架 Affected versions of this package are vulnerable to Use of Hard-coded Credentials for signature verification. An attacker can gain unauthorized access and execute arbitrary commands by bypassing authentication using a hard-coded JWT signing key and...
GHSA-4M32-CJV7-F425 AstrBot is vulnerable to RCE with hard-coded JWT signing keys
Summary AstrBot uses a hard-coded JWT signing key, allowing attackers to execute arbitrary commands by installing a malicious plugin. Details AstrBot uses a hard-coded JWT signing key, which allows attackers to bypass the authentication mechanism. Once bypassed, the attacker can install a Python...
AstrBot is vulnerable to RCE with hard-coded JWT signing keys
Summary AstrBot uses a hard-coded JWT signing key, allowing attackers to execute arbitrary commands by installing a malicious plugin. Details AstrBot uses a hard-coded JWT signing key, which allows attackers to bypass the authentication mechanism. Once bypassed, the attacker can install a Python...
PT-2025-47033
Name of the Vulnerable Software and Affected Versions AstrBot version 3.5.15 Description The software uses a hard-coded private key, "Advanced System for Text Response and Bot Operations Tool", to sign JSON Web Tokens JWT, which are compact, URL-safe means of representing claims to be transferred...
Malicious code in prettier-plugin-markdown-aquarius-colors-antares (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 93e02a281f78f15c659fc2bc0017a1f4fc72c6e3519a06df0c8b38338db6ed47 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2021-15885
Malware in sbrugna...
EUVD-2023-2892
Malicious code in bioql PyPI...
EUVD-2022-7363
Malicious code in bioql PyPI...
EUVD-2022-7342
Malicious code in bioql PyPI...
EUVD-2025-21034
Malicious code in bioql PyPI...
EUVD-2023-56364
Malicious code in bioql PyPI...
EUVD-2024-1492
Malicious code in bioql PyPI...