Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

6 matches found

Hacker One
Hacker Oneadded 2020/12/31 8:20 a.m.363 views

h1-ctf: h1-ctf : 12 days of hack holiday writeup

Summary This was a real fun CTF and I really enjoyed solving the challenges. Great job on creating the challenges. This is my writeup for the "12 Days of Hacky Holidays CTF". I hope you enjoy reading it, and I hope others reading it will pick up a trick or two. Flags: This is all the flags found...

7.1AI score
Exploits0
Kitploit
Kitploitadded 2020/12/19 11:30 a.m.69 views

Bento - A Minimal Fedora-Based Container For Penetration Tests And CTF With The Sweet Addition Of GUI Applications

A bento 弁当, bentō is a single-portion take-out or home-packed meal of Japanese origin. Bento Toolkit is a simple and minimal docker container for penetration testers and CTF players. It has the portability of Docker with the addition of X, so you can also run GUI application like burp...

7.1AI score
Exploits0References1
Kitploit
Kitploitadded 2020/04/14 12:0 p.m.146 views

Domained - Multi Tool Subdomain Enumeration

A domain name enumeration tool The tools contained in domained requires Kali Linux preferred or Debian 7+ and Recon-ng domained uses several subdomain enumeration tools and wordlists to create a unique list of subdomains that are passed to EyeWitness for reporting with categorized screenshots,...

7.4AI score
Exploits0References20
Packet Storm
Packet Stormadded 2019/09/03 12:0 a.m.235 views

Totaljs CMS 12.0 Widget Creation Code Injection

Author/Discoverer: Riccardo Krauter @CertimeterGroup + Title: Totaljs CMS Authenticated Code injection on widget creation. + Affected software: Totaljs CMS 12.0 + Description: An authenticated user with “widgets” privilege can gain RCE on the remote server by creating a malicious widget with a...

7.4AI score
Exploits0
Packet Storm
Packet Stormadded 2019/09/03 12:0 a.m.198 views

Totaljs CMS 12.0 Path Traversal

Totaljs CMS authenticated path traversal could lead to RCE + Author/Discoverer: Riccardo Krauter @CertimeterGroup + Title: Totaljs CMS authenticated path traversal could lead to RCE + Affected software: Totaljs CMS 12.0 + Description: An authenticated user with “Pages” privilege can include via...

7.4AI score
Exploits0
Packet Storm
Packet Stormadded 2014/09/26 12:0 a.m.76 views

DHCP Client Bash Environment Variable Code Injection

This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' require 'rex/proto/dhcp' class Metasploit3 'DHCP Client Bash Environment Variable Code Injection', 'Description' = %q This module exploits a code...

10CVSS1.2AI score0.9422EPSS
Exploits130
Rows per page
Query Builder