
26 matches found

OSV
added 2022/03/14 10:15 p.m. | 12 views

CVE-2022-24740 Improper Authentication in Volto

Volto is a ReactJS-based frontend for the Plone Content Management System. Between versions 14.0.0-alpha.5 and 15.0.0-alpha.0, a user could have their authentication cookie replaced with an authentication cookie from another user, effectively giving them control of the other user's account and...

5 CVSS | 7.7 AI score | 0.00258 EPSS
Exploits: 0 | References: 4

Vulnrichment
added 2022/03/14 10:15 p.m. | 6 views

CVE-2022-24740 Improper Authentication in Volto

Volto is a ReactJS-based frontend for the Plone Content Management System. Between versions 14.0.0-alpha.5 and 15.0.0-alpha.0, a user could have their authentication cookie replaced with an authentication cookie from another user, effectively giving them control of the other user's account and...

5 CVSS | 7.7 AI score | 0.00258 EPSS
Exploits: 0 | References: 2

CVE
added 2022/03/14 10:15 p.m. | 96 views

CVE-2022-24740

Volto (the Plone React frontend) versions 14.0.0-alpha.5 through 15.0.0-alpha.0 are vulnerable to authentication cookie replacement under high server load due to an outdated react-cookie library. This could allow an attacker to gain the other user’s account privileges. A proof of concept does not...

7.5 CVSS | 6.3 AI score | 0.00258 EPSS
Exploits: 0 | References: 2 | Affected Software: 1

Kitploit
added 2021/09/04 12:30 p.m. | 35 views

Zuthaka - An Open Source Application Designed To Assist Red-Teaming Efforts, By Simplifying The Task Of Managing Different APTs And Other Post-Exploitation Tools

A collaborative free open-source Command & Control integration framework that allows developers to concentrate on the core function and goal of their C2. The current C2s ecosystem has rapidly grown in order to adapt to modern red team...

7 AI score
Exploits: 0 | References: 2

Kitploit
added 2020/12/21 11:30 a.m. | 62 views

Watcher - Open Source Cybersecurity Threat Hunting Platform

Watcher is a Django & React JS automated platform for discovering new potential cybersecurity threats targeting your organisation. It should be used on webservers and is available on Docker. Watcher capabilities: detect emerging vulnerabilities and malware using social networks & other RSS sources...

7.3 AI score
Exploits: 0 | References: 11

Kitploit
added 2020/05/23 1:0 p.m. | 111 views

Guardedbox - Online Client-Side Manager For Secure Storage And Secrets Sharing

GuardedBox is an open-source online client-side manager for secure storage and secrets sharing. It allows users to upload secrets to a centralized server and retrieve them at any time and from anywhere. It also allows users to share their secrets with other users, individually or via groups. Secre...

7.2 AI score
Exploits: 0 | References: 1