9 matches found
poc_regex
pocregex pocregex: Extract th...
CVE-2025-58353
Promptcraft Forge Studio is affected by CVE-2025-58353 due to its input sanitization using a regex blacklist (e.g., replace(/javascript:/gi, '')). The issue arises because the sanitizer operates on multi-character tokens and applies each replacement only once, which can create new dangerous token...
ManageEngine SupportCenter Plus < 14.9 Build 14940 Privilege Escalation
The version of ManageEngine SupportCenter Plus installed on the remote host is prior to 14.9 Build 14940. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-8309 advisory. - A privilege escalation vulnerability caused by the overly permissive regular expression regex rule...
Codecat v0.56 - An Open-Source Tool To Help You Find/Track User Input Sinks And Security Bugs Using Static Code Analysis
CodeCat is an open-source tool to help you find/track user input sinks and security bugs using static code analysis. These points follow regex rules. Current rules for C,C++,GO,Python,javascript,Swift,PHP,Ruby,ASP,Kotlin,Dart and Java.you can create your rules video How too install, step by step:...
httpd: URL normalization inconsistency
A vulnerability was found in Apache HTTP Server 2.4.0 to 2.4.38. When the path component of a request URL contains multiple consecutive slashes '/', directives such as LocationMatch and RewriteRule must account for duplicates in regular expressions while other aspects of the servers processing wi...
Raptor WAF v0.6 - Web Application Firewall using DFA
Raptor is a Web application firewall made in C, uses DFA to block SQL injection, Cross site scripting and path traversal. http://funguscodes.blogspot.com.br/ to run: $ git clone https://github.com/CoolerVoid/raptorwaf $ cd raptorwaf; make; bin/raptor Note: Don't execute with "cd bin; ./raptor" us...
Cuteit v0.2.1 - IP Obfuscator Made To Make A Malicious Ip A Bit Cuter
IP obfuscator made to make a malicious ip a bit cuter A simple python tool to help you to social engineer, bypass whitelisting firewalls, potentially break regex rules for command line logging looking for IP addresses and obfuscate cleartext strings to C2 locations within the payload. All of that...
file: unrestricted regular expression matching
Multiple flaws were found in the File Information fileinfo extension regular expression rules for detecting various files. A remote attacker could use either of these flaws to cause a PHP application using fileinfo to consume an excessive amount of CPU...
file: unrestricted regular expression matching
Multiple flaws were found in the File Information fileinfo extension regular expression rules for detecting various files. A remote attacker could use either of these flaws to cause a PHP application using fileinfo to consume an excessive amount of CPU...