Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

6 matches found

The Hacker News
The Hacker Newsadded 2025/02/10 3:16 p.m.12 views

Hackers Exploit Google Tag Manager to Deploy Credit Card Skimmers on Magento Stores

Threat actors have been observed leveraging Google Tag Manager GTM to deliver credit card skimmer malware targeting Magento-based e-commerce websites. Website security company Sucuri said the code, while appearing to be a typical GTM and Google Analytics script used for website analytics and...

7AI score
Exploits0
The Hacker News
The Hacker Newsadded 2024/12/17 2:11 p.m.7 views

Hackers Use Microsoft MSC Files to Deploy Obfuscated Backdoor in Pakistan Attacks

A new phishing campaign has been observed employing tax-themed lures to deliver a stealthy backdoor payload as part of attacks targeting Pakistan. Cybersecurity company Securonix, which is tracking the activity under the name FLUXCONSOLE , said it likely starts with a phishing email link or...

7.7AI score
Exploits0
Cvelist
Cvelistadded 2024/01/16 3:52 p.m.18 views

CVE-2022-1609 The School Management < 9.9.7 - Unauthenticated RCE via REST api

The School Management WordPress plugin before 9.9.7 contains an obfuscated backdoor injected in it's license checking code that registers a REST API handler, allowing an unauthenticated attacker to execute arbitrary PHP code on the site...

10AI score0.93495EPSS
Exploits6References1
ATTACKERKB
ATTACKERKBadded 2024/01/16 12:0 a.m.158 views

CVE-2022-1609

The School Management WordPress plugin before 9.9.7 contains an obfuscated backdoor injected in it’s license checking code that registers a REST API handler, allowing an unauthenticated attacker to execute arbitrary PHP code on the site. Recent assessments: Assessed Attacker Value: 0 Assessed...

9.8CVSS9.8AI score0.93495EPSS
In wildExploits6References2
seebug.org
seebug.orgadded 2014/07/01 12:0 a.m.16 views

OpenX Backdoor PHP Code Execution

No description provided by source. This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' class Metasploit3...

7.1AI score
Exploits0
0day.today
0day.todayadded 2013/08/09 12:0 a.m.37 views

OpenX Backdoor PHP Code Execution Vulnerability

OpenX Ad Server version 2.8.10 was shipped with an obfuscated backdoor since at least November 2012 through August 2013. Exploitation is simple, requiring only a single request with a rot13'd and reversed payload. This file is part of the Metasploit Framework and may be subject to redistribution...

9.2AI score0.8819EPSS
Exploits5
Rows per page
Query Builder