641 matches found

EUVD
added 2025/10/06 3:54 p.m., 4 views

EUVD-2025-32548

Flowise is a drag & drop user interface to build a customized large language model flow. A file upload vulnerability in version 3.0.7 of FlowiseAI allows authenticated users to upload arbitrary files without proper validation. This enables attackers to persistently store malicious Node.js web...

CVSS 8.3, AI score 7.1, EPSS 0.10182
Exploits 2, References 9
Cvelist
added 2025/10/06 3:54 p.m., 6 views

CVE-2025-61687 FlowiseAI/Flosise has File Upload vulnerability

Flowise is a drag & drop user interface to build a customized large language model flow. A file upload vulnerability in version 3.0.7 of FlowiseAI allows authenticated users to upload arbitrary files without proper validation. This enables attackers to persistently store malicious Node.js web...

CVSS 8.3, EPSS 0.10182
Exploits 2, References 9
CVE
added 2025/10/06 3:54 p.m., 23 views

CVE-2025-61687

CVE-2025-61687 pertains to FlowiseAI/Flowise 3.0.7, where a file upload vulnerability allows authenticated users to upload arbitrary files without validating extensions, MIME types, or content. The flaw enables persistent storage of malicious Node.js web shells on the server, exposing HTTP endpoi...

CVSS 8.8, AI score 7.2, EPSS 0.10182
Exploits 2, References 9, Affected Software 1
OSV
added 2025/10/06 3:54 p.m., 5 views

CVE-2025-61687 FlowiseAI/Flosise has File Upload vulnerability

Flowise is a drag & drop user interface to build a customized large language model flow. A file upload vulnerability in version 3.0.7 of FlowiseAI allows authenticated users to upload arbitrary files without proper validation. This enables attackers to persistently store malicious Node.js web...

CVSS 8.3, AI score 7.7, EPSS 0.10182
Exploits 2, References 11
Positive Technologies
added 2025/10/06 12:0 a.m., 5 views

PT-2025-40908

Name of the Vulnerable Software and Affected Versions: Flowise version 3.0.7 Description: Flowise, a drag & drop user interface for building customized large language model flows, contains a file upload issue. Authenticated users can upload arbitrary files without proper validation, enabling...

CVSS 8.3, AI score 7, EPSS 0.10182
Exploits 2, References 15
EUVD
added 2025/10/03 8:7 p.m., 3 views

EUVD-2023-12336

Malicious code in bioql PyPI...

CVSS 8.8, AI score 8.4, EPSS 0.01096
Exploits 2, References 1
EUVD
added 2025/10/03 8:7 p.m., 4 views

EUVD-2025-28120

Malicious code in bioql PyPI...

CVSS 10, AI score 8.8, EPSS 0.00372
Exploits 0, References 1
EUVD
added 2025/10/03 8:7 p.m., 5 views

EUVD-2022-36223

Malicious code in bioql PyPI...

CVSS 8.8, AI score 8.4, EPSS 0.00184
Exploits 0, References 2
EUVD
added 2025/10/03 8:7 p.m., 3 views

EUVD-2025-2138

Malicious code in bioql PyPI...

CVSS 8.8, AI score 6.6, EPSS 0.00483
Exploits 0, References 3
Talos Blog
added 2025/10/02 10:0 a.m., 5 views

UAT-8099: Chinese-speaking cybercrime group targets high-value IIS for SEO fraud

Cisco Talos is disclosing details on UAT-8099, a Chinese-speaking cybercrime group mainly involved in search engine optimization (SEO) fraud and theft of high-value credentials, configuration files, and certificate data. Cisco's file census and DNS analysis show affected Internet Information Servic...

AI score 7.6
Exploits 0
Microsoft CVE
added 2025/10/02 6:10 a.m., 5 views

ypserv allows a local user to modify the GECOS and login shells of other users.

...

CVSS 7.2, AI score 7, EPSS 0.00412
Exploits 0
The Hacker News
added 2025/09/23 8:13 a.m., 2 views

BadIIS Malware Spreads via SEO Poisoning — Redirects Traffic, Plants Web Shells

Cybersecurity researchers are calling attention to a search engine optimization (SEO) poisoning campaign likely undertaken by a Chinese-speaking threat actor using a malware called BadIIS in attacks targeting East and Southeast Asia, particularly with a focus on Vietnam. The activity, dubbed...

AI score 6.4
Exploits 0
GithubExploit
added 2025/09/21 3:21 a.m., 205 views

Exploit for Cross-site Scripting in Exclusiveaddons Exclusive_Addons_For_Elementor

Cookiecutter POC Template A minimal Python cookiecutter templ...

CVSS 6.4, AI score 7.3, EPSS 0.01593
Exploits 12
Cvelist
added 2025/09/16 12:0 a.m., 4 views

CVE-2025-56295

code-projects Computer Laboratory System 1.0 has a file upload vulnerability. Staff can upload malicious files by uploading PHP backdoor files when modifying personal avatar information and use web shell connection tools to obtain server permissions...

EPSS 0.00312
Exploits 1, References 2
Snyk
added 2025/09/15 7:51 p.m., 3 views

Arbitrary Code Injection

Overview: flowise-components is a Flowiseai Components. Affected versions of this package are vulnerable to Arbitrary Code Injection via the supabaseRPCFilter parameter. An attacker with administrative privileges can execute arbitrary server-side code, access sensitive environment variables, and...

CVSS 9.1, AI score 7.8
Exploits 0, References 2
The Hacker News
added 2025/09/15 6:45 p.m., 3 views

Mustang Panda Deploys SnakeDisk USB Worm to Deliver Yokai Backdoor on Thailand IPs

The China-aligned threat actor known as Mustang Panda has been observed using an updated version of a backdoor called TONESHELL and a previously undocumented USB worm called SnakeDisk. "The worm only executes on devices with Thailand-based IP addresses and drops the Yokai backdoor," IBM X-Force...

AI score 7.4
Exploits 0
Gitee
added 2025/09/14 6:9 p.m., 94 views

pentestdb

This is a repository of penetration testing tools and resources, specifically designed for web application security testing. The repository is called "pentestdb" and is maintained by a user named "alpha1e0". The repository contains a variety of tools and resources, including: 1. Exploit systems: ...

AI score 7
Exploits 0
Vulnrichment
added 2025/09/10 12:0 a.m., 6 views

CVE-2025-57642

A Shell Upload vulnerability in Tourism Management System 2.0 allows an attacker to upload and execute arbitrary PHP shell scripts on the server, leading to remote code execution and unauthorized access to the system. This can result in the compromise of sensitive data and system functionality...

AI score 8.2, EPSS 0.0148
Exploits 2, References 2
Positive Technologies
added 2025/09/10 12:0 a.m., 6 views

PT-2025-37078

Name of the Vulnerable Software and Affected Versions: Tourism Management System version 2.0 Description: A shell upload issue exists in Tourism Management System 2.0, allowing an attacker to upload and execute arbitrary PHP shell scripts on the server. Successful exploitation can lead to remote...

AI score 7.8, EPSS 0.0148
Exploits 2, References 5
Gitee
added 2025/09/06 3:6 p.m., 169 views

AutoSploit

PoC exploit for CVE-XXXX-XXXX. It is an automated mass exploiter that uses the Shodan.io API to collect targets and then attempts to exploit them using Metasploit modules. The tool can be configured to run all available Metasploit modules against the targets in a 'Hail Mary' type of attack. The...

AI score 7.7
Exploits 0