22 matches found
CORScanner
CORS Exploiter Automated CORS misconfiguration scanner with...
📄 MinIO RELEASE.2023-03-20T20-16-18Z Vulnerability Scanner
This PHP script is a command-line vulnerability scanner designed to detect CVE-2023-28432 in MinIO servers. The vulnerability allows unauthenticated access to sensitive environment variables through the /minio/bootstrap/v1/verify endpoint...
SUSE: Security Advisory (SUSE-SU-2025:01799-1)
The remote host is missing an update for the...
Fedora: Security Advisory (FEDORA-2025-8fdb7be3cb)
The remote host is missing an update for the...
CVE-2017-12637
creationtimestamp | type | source
---|---|---
2025-03-19 18:15:17+00:00 | seen | https://bsky.app/profile/cyberalerts.bsky.social/post/3lkqs2hut3r2m
2025-03-19 18:39:47+00:00 | seen | https://bsky.app/profile/aakl.bsky.social/post/3lkqtg6trvk2j
2025-03-19 18:39:48+00:00 | seen | ...
Exploit for OS Command Injection in Php
CVE-2024-4577: PHP CGI Argument Injection XAMPP 💀 Featur...
Exploit for CVE-2024-1208
Exploit for Command Injection in Ivanti Connect_Secure
🚨 CVE-2024-21887 Exploit Tool 🛠️ A robust tool for detecting...
DEBIAN-CVE-2023-23914
A cleartext transmission of sensitive information vulnerability exists in curl v7.88.0 that could cause HSTS functionality to fail when multiple URLs are requested serially. Using its HSTS support, curl can be instructed to use HTTPS instead of using an insecure clear-text HTTP step even when HTTP is...
CVE-2023-23914
A cleartext transmission of sensitive information vulnerability exists in curl v7.88.0 that could cause HSTS functionality to fail when multiple URLs are requested serially. Using its HSTS support, curl can be instructed to use HTTPS instead of using an insecure clear-text HTTP step even when HTTP is...
CVE-2023-23915
A cleartext transmission of sensitive information vulnerability exists in curl v7.88.0 that could cause HSTS functionality to behave incorrectly when multiple URLs are requested in parallel. Using its HSTS support, curl can be instructed to use HTTPS instead of using an insecure clear-text HTTP...
Exploit for OS Command Injection in Telesquare Sdt-Cs3B1_Firmware
It is an offensive tool for web exploitation. The repository is...
When curl is instructed to download content using the metalink feature, the contents is verified against a hash provided in the metalink XML file. The metalink XML file points out to the client how to get the same content from a set of different URLs, potentially hosted by different servers, and the client can then download the file from one or several of them. In a serial or parallel manner. If one of the servers hosting the contents has been breached and the contents of the specific file on that server is replaced with a modified payload, curl should detect this when the hash of the file mismatches after a completed download. It should remove the contents and instead try getting the contents from another URL. This is not done and instead such a hash mismatch is only mentioned in text and the potentially malicious content is kept in the file on disk.
...
TimeClock Software 0.995 - (Authenticated) Multiple SQL Injections
Exploit Title: Timeclock-software - Multiple SQL injections. Author: Marcela Benetrix. Date: 01/27/2016. Version: 0.995 (older version may be vulnerable too). Software link: http://timeclock-software.net. Timeclock software: Timeclock-software.net's free software product will be a simple solution to allow...
Cookiescanner - Tool to Check the Cookie Flag for a Multiple Sites
Tool that simplifies the web scan process of checking whether the Secure and HttpOnly flags are enabled in cookies, along with their path and expires attributes. The tool can probe multiple URLs through an input file, by a domain (looking up all its subdomains via Google), or by a single URL. It also supports multiple outputs like...
UF FE office platform General SQL injection-vulnerability warning-the black bar safety net
SQL injection exists at the link /permissionsreport/flowTreeXml.jsp?treeSearchKey=1 sqlmap -u "http://oa.hzuf.com:9090/permissionsreport/flowTreeXml.jsp?treeSearchKey=1" sqlmap -u "http://oa.hzuf.com:9090/permissionsreport/flowTreeXml.jsp?treeSearchKey=1" --dbs 5 Case:...
CVE-2012-3831
Cross-site scripting (XSS) vulnerability in decoda/templates/video.php in Decoda before 3.3.1 allows remote attackers to inject arbitrary web script or HTML via multiple URLs in an img tag...