CVE-2026-41657

Admidio is an open-source user management solution. Prior to version 5.0.9, the contactsdata.php endpoint uses a weaker permission check isAdministratorUsers, requiring only roledituser=true than the frontend UI contacts.php which correctly requires the stronger isAdministrator requiring...

Malicious code in @zalastax/nolb-_rol (npm)

The package @zalastax/nolb-rol was found to contain malicious code...

MAL-2025-10376 Malicious code in @zalastax/nolb-_rol (npm)

The package @zalastax/nolb-rol was found to contain malicious code...

CVE-2024-48589

Cross Site Scripting vulnerability in Gilnei Moraes phpABook v.0.9 allows a remote attacker to execute arbitrary code via the rol parameter in index.php...

CVE-2024-48589

Cross Site Scripting vulnerability in Gilnei Moraes phpABook v.0.9 allows a remote attacker to execute arbitrary code via the rol parameter in index.php...

CVE-2024-48589

CVE-2024-48589 affects Gilnei Moraes phpABook v0.9. It is a Cross Site Scripting vulnerability in index.php via the rol parameter, allowing a remote attacker to cause arbitrary code execution in the context of the victim’s browser. Public references describe a payload path that enables XSS, with ...

phpABook 安全漏洞

phpABook is a simple address/contact management system using PHP and MySQL by the individual developer Gilnei Moraes in Brazil. A security vulnerability exists in phpABook version v.0.9. An attacker can exploit this vulnerability to execute arbitrary code via the rol parameter in index.php...

PT-2025-5874 · Gilnei Moraes · Phpabook

Name of the Vulnerable Software and Affected Versions: Gilnei Moraes phpABook version 0.9 Description: The issue allows a remote attacker to execute arbitrary code via the rol parameter in "index.php". This is a Cross Site Scripting issue. Recommendations: For Gilnei Moraes phpABook version 0.9,...

Exploit for CVE-2024-48589

phpAbook 9.0i - Cross-Site Scripting XSS Vulnerability CVE-...

Malicious code in eslint-config-rol (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 59802bc5756428efbf7b526544c4810c52e25993ab31429ba7463831b40b9be4 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Linux/x64_86 ROL Encoded Execve Shellcode (57 bytes)

57 bytes small Linux/x6486 /bin/bash shellcode. The stub decodes the ROL Encoded shellcode. When the stub has finished decoding the payload, execution control is passed to the payload. // Shellcode Title: Linux/x64 - ROL Encoded Execve Shellcode 57 bytes // Shellcode Author: Bobby Cooke // Tested...

Linux/x86 Encoder / Decoder Shellcode (117 bytes)

Title : Linux/x86 - Encoder - Random Bytes + XOR/SUB/NOT/ROR / Decoder - ROL/NOT/ADD/XOR execve/bin/sh Shellcode 117 bytes Author : Xenofon Vassilakopoulos Date : July, 2019 Tested on : Linux kali 5.3.0-kali2-686-pae 1 SMP Debian 5.3.9-3kali1 2019-11-20 i686 GNU/Linux Architecture : i686 GNU/Linu...

linux/x86 /bin/sh ROL/ROR Encoded Shellcode

Custom shellcode encoder/decoder that switches between byte ROR and byte ROL 1. Update eRORoROL-encoder.py with your shellcode 2. Run eRORoROL-encoder.py 3. Copy output from eRORoROL-encoder.py and update eRORoROL-decoder.nasm 4. Run eRORoROLcompile.sh -----eRORoROL-encoder.py BEGIN CODE-----...