9 matches found
PrompTrend: Continuous Community-Driven Vulnerability Discovery and Assessment for Large Language Models
Static benchmarks fail to capture LLM vulnerabilities emerging through community experimentation in online forums. We present PrompTrend, a system that collects vulnerability data across platforms and evaluates them using multidimensional scoring, with an architecture designed for scalable...
Update: CVE-2024-4577 quickly weaponized to distribute “TellYouThePass” Ransomware
Introduction: Recently, Imperva Threat Research reported on attacker activity leveraging the new PHP vulnerability, CVE-2024-4577. From as early as June 8th, we have detected attacker activity leveraging this vulnerability to deliver malware, which we have now identified to be a part of the...
Open Social - Moderately critical - Information Disclosure - SA-CONTRIB-2024-005
Open Social is a Drupal distribution for online communities. The included optional socialgroupflexiblegroup module doesn't sufficiently validate group updates. The lack of validation makes it possible to have content inside the group changing its visibility, which could lead to that content bein...
Open Social - Critical - Authentication Bypass - SA-CONTRIB-2021-011
Open Social is a Drupal distribution for online communities. The included socialmagiclogin module doesn't sufficiently validate magic login URLs for user accounts. The lack of validation makes it possible for an adversary to forge valid login URLs and login to such an account. This vulnerability ...
Open Social - Critical - Insecure Session Management - SA-CONTRIB-2019-075
Open Social is a Drupal distribution for online communities. The included socialmagiclogin module doesn't sufficiently validate magic login URLs for user accounts that do not have a local password, but login via external systems. The lack of validation makes it possible for an adversary to forge...
IP.Board CMS malicious redirect analysis - vulnerability warning - the black bar safety net
IP.Board CMS is a well-known CMS that allows users to easily create and manage online communities. Sucuri researchers recently found a redirection affecting IP.Board. After analysis, the researchers found that this attack has lasted 2 years. ! Visitors is a malicious redirect The...
2daybiz Network Community Script SQL Injection / Cross Site Scripting
2daybiz Network Community Script SQLi AND XSS Vulnerability ...
2daybiz Network Community Script SQL Injection / XSS Vulnerability
Exploit for php platform in category web applications. 2daybiz Network Community Script SQL Injection / XSS Vulnerability ...
FL Studio 5 (.flp file processing) Heap Overflow
Release Date: 26th September 2005; Severity: High, Arbitrary Code Execution; Vendor: Image-Line Software; Vendor Status: Vendor Contacted, No Response; Systems Affected: FL Studio v5.0.1 confirmed, vulnerability may also exist in previous and current versions. Background: FL Studio is a...