CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

RedhatCVE•added 2025/05/23 8:5 a.m.•3 views

Exploits0References4

CVE-2024-51735

Osmedeus is a Workflow Engine for Offensive Security. Cross-site Scripting XSS occurs on the Osmedues web server when viewing results from the workflow, allowing commands to be executed on the server. When using a workflow that contains the summary module, it generates reports in HTML and Markdow...

8.7CVSS6AI score0.00185EPSS

Veracode•added 2024/11/14 6:35 a.m.•7 views

Cross-Site Scripting (XSS)

github.com/j3ssie/osmedeus is vulnerable to Cross-site Scripting XSS. The vulnerability is due to improper filtering of file contents when generating reports. The contents of the report files HTML and Markdown are read and used to generate the report, but they are not adequately sanitized, allowi...

8.7CVSS6.2AI score0.00185EPSS

Exploits0References6Affected Software1

SUSE CVE•added 2024/11/08 3:48 a.m.•1 views

SUSE CVE-2024-51735

OSV•added 2024/11/06 5:21 p.m.•10 views

Exploits0References4

GO-2024-3254 Osmedeus Web Server Vulnerable to Stored XSS, Leading to RCE in github.com/j3ssie/osmedeus

Osmedeus Web Server Vulnerable to Stored XSS, Leading to RCE in github.com/j3ssie/osmedeus...

8.7CVSS6.8AI score0.00185EPSS

NVD•added 2024/11/05 7:15 p.m.•11 views

CVE-2024-51735

8.7CVSS0.00185EPSS

Cvelist•added 2024/11/05 6:49 p.m.•20 views

CVE-2024-51735 Stored Cross-site Scripting to RCE on Osmedeus Web Server

8.7CVSS0.00185EPSS

CVE•added 2024/11/05 6:49 p.m.•48 views

CVE-2024-51735

CVE-2024-51735 affects Osmedeus Web Server. The issue is a Stored XSS in the web UI when viewing workflow results, where unfiltered content in the generated HTML/Markdown reports can execute commands on the host. The root cause is improper filtering of file contents used in the report generation ...

8.7CVSS5.8AI score0.00185EPSS

Vulnrichment•added 2024/11/05 6:49 p.m.•18 views

CVE-2024-51735 Stored Cross-site Scripting to RCE on Osmedeus Web Server

OSV•added 2024/11/05 6:49 p.m.•0 views

CVE-2024-51735 Stored Cross-site Scripting to RCE on Osmedeus Web Server

Github Security Blog•added 2024/11/05 3:18 p.m.•28 views

Osmedeus Web Server Vulnerable to Stored XSS, Leading to RCE

Summary XSS occurs on the Osmedues web server when viewing results from the workflow, allowing commands to be executed on the server. Details When using a workflow that contains the summary module, it generates reports in HTML and Markdown formats. The default report is based on the...

8.7CVSS6AI score0.00185EPSS

Exploits0References4Affected Software1

OSV•added 2024/11/05 3:18 p.m.•10 views

GHSA-WVV7-WM5V-W2GV Osmedeus Web Server Vulnerable to Stored XSS, Leading to RCE

9.3CVSS6.8AI score0.00185EPSS

Exploits0References4

CNNVD•added 2024/11/05 12:0 a.m.•1 views

Osmedeus Core Engine 安全漏洞

Osmedeus Core Engine is a workflow engine for offensive security by the individual developer Ai Ho. A security vulnerability exists in Osmedeus Core Engine version 4.6.4 and earlier, which stems from improper file content filtering and is vulnerable to cross-site scripting attacks, and may also...

8.7CVSS6.1AI score0.00185EPSS

Positive Technologies•added 2024/10/31 12:0 a.m.•2 views

PT-2024-9219 · Osmedeus +1 · Osmedeus +1

Name of the Vulnerable Software and Affected Versions: Osmedeus affected versions not specified Description: The issue is related to a Cross-site Scripting XSS vulnerability in the Osmedeus web server when viewing results from the workflow. This allows commands to be executed on the server. The...

9.3CVSS5.7AI score0.00417EPSS

Exploits2References35

Kitploit•added 2022/03/06 8:30 p.m.•28 views

Osmedeus - A Workflow Engine For Offensive Security

A Workflow Engine For Offensive Security Installation NOTE that you need some essential tools like curl, wget, git, zip and login as root to start bash -c "$curl -fsSL https://raw.githubusercontent.com/osmedeus/osmedeus-base/master/install.sh" Build the engine from source Make sure you installed...

7.3AI score

Kitploit•added 2020/03/11 11:33 a.m.•76 views

Sifter - A OSINT, Recon And Vulnerability Scanner

Sifter is a osint, recon & vulnerability scanner. It combines a plethara of tools within different module sets in order to quickly perform recon tasks, check network firewalling, enumerate remote and local hosts, and scan for the 'blue' vulnerabilities within microsft and if unpatched, exploit...

7.2AI score

Exploits0References2

Kitploit•added 2019/10/22 12:0 p.m.•136 views

Osmedeus v2.1 - Fully Automated Offensive Security Framework For Reconnaissance And Vulnerability Scanning

Osmedeus allows you automated run the collection of awesome tools to reconnaissance and vulnerability scanning against the target. Installation git clone https://github.com/j3ssie/Osmedeus cd Osmedeus ./install.sh This install only focus on Kali linux, check more install on Usage page How to use ...

7.2AI score

Exploits0References7

Kitploit•added 2019/04/27 12:46 p.m.•95 views

Osmedeus - Fully Automated Offensive Security Tool For Reconnaissance And Vulnerability Scanning

Osmedeus allows you automated run the collection of awesome tools to reconnaissance and vulnerability scanning against the target. How to use If you have no idea what are you doing just type the command below or check out the Advanced Usage ./osmedeus.py -t example.com Installation git clone...

7.3AI score

Kitploit•added 2019/04/02 11:55 a.m.•156 views

Osmedeus - Fully Automated Offensive Security Tool For Reconnaissance And Vulnerability Scanning

Osmedeus allow you automated run the collection of awesome tools to reconnaissance and vulnerability scanning against the target. How to use If you have no idea what are you doing just type the command below or check out the Advance Usage ./osmedeus.py -t example.com Installation git clone...

7.3AI score