Lucene search
K

364 matches found

Tenable Nessus
Tenable Nessus
added 2024/05/02 12:0 a.m.58 views

Jenkins plugins Multiple Vulnerabilities (2024-05-02)

According to their self-reported version numbers, the version of Jenkins plugins running on the remote web server are affected by multiple vulnerabilities: - High Script Security Plugin provides a sandbox feature that allows low privileged users to define scripts, including Pipelines, that are...

9.8CVSS6.9AI score0.48081EPSS
Exploits0References6
Circl
Circl
added 2024/03/17 11:16 a.m.4 views

CVE-2019-16780

creationtimestamp| type| source ---|---|--- 2024-03-17 11:16:40+00:00| seen| https://t.me/ctinow/209867...

5.8CVSS6.7AI score0.01718EPSS
Exploits0References1
The Hacker News
The Hacker News
added 2024/01/31 12:21 p.m.42 views

Telegram Marketplaces Fuel Phishing Attacks with Easy-to-Use Kits and Malware

Cybersecurity researchers are calling attention to the "democratization" of the phishing ecosystem owing to the emergence of Telegram as an epicenter for cybercrime, enabling threat actors to mount a mass attack for as little as $230. "This messaging app has transformed into a bustling hub where...

6.3AI score
Exploits0
HackRead
HackRead
added 2023/11/23 5:45 p.m.24 views

Telekopye Toolkit Used as Telegram Bot to Scam Marketplace Users

By Deeba Ahmed Telekopye Toolkit was previously identified in August 2023 as being leveraged for a phishing scam by Russian cybercriminals. This is a post from HackRead.com Read the original post: Telekopye Toolkit Used as Telegram Bot to Scam Marketplace Users...

7.4AI score
Exploits0
Circl
Circl
added 2023/09/14 7:24 a.m.6 views

CVE-2023-4945

creationtimestamp| type| source ---|---|--- 2023-09-14 07:24:10+00:00| seen| https://t.me/cibsecurity/70425...

6.4CVSS6.5AI score0.00491EPSS
Exploits0References1
Trend Micro Simply Security
Trend Micro Simply Security
added 2023/09/05 12:0 a.m.27 views

Analyzing a Facebook Profile Stealer Written in Node.js

We analyze an information stealer written in Node.js, packaged into an executable, exfiltrated stolen data via both Telegram bot API and a C&C server, and employed GraphQL as a channel for C&C communication...

6.8AI score
Exploits0
The Hacker News
The Hacker News
added 2023/08/24 12:33 p.m.44 views

New Telegram Bot "Telekopye" Powering Large-scale Phishing Scams from Russia

A new financially motivated operation is leveraging a malicious Telegram bot to help threat actors scam their victims. Dubbed Telekopye, a portmanteau of Telegram and kopye meaning "spear" in Russian, the toolkit functions as an automated means to create a phishing web page from a premade templat...

6.7AI score
Exploits0
The Hacker News
The Hacker News
added 2023/08/14 3:54 p.m.50 views

QwixxRAT: New Remote Access Trojan Emerges via Telegram and Discord

A new remote access trojan RAT called QwixxRAT is being advertised for sale by its threat actor through Telegram and Discord platforms. "Once installed on the victim's Windows platform machines, the RAT stealthily collects sensitive data, which is then sent to the attacker's Telegram bot, providi...

6.8AI score
Exploits0
Circl
Circl
added 2023/08/06 2:12 a.m.7 views

CVE-2023-37873

creationtimestamp| type| source ---|---|--- 2023-08-06 02:12:00+00:00| seen| https://t.me/cibsecurity/67822...

7.1CVSS7AI score0.00331EPSS
Exploits0References1
NVD
NVD
added 2023/06/22 1:15 p.m.26 views

CVE-2023-34006

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Marco Milesi Telegram Bot & Channel plugin = 3.6.2 versions...

5.9CVSS5.4AI score0.00369EPSS
Exploits0References1
OSV
OSV
added 2023/06/22 1:15 p.m.5 views

CVE-2023-34006

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Marco Milesi Telegram Bot & Channel plugin = 3.6.2 versions...

4.8CVSS6.6AI score0.00369EPSS
Exploits0References1
Prion
Prion
added 2023/06/22 1:15 p.m.14 views

Cross site scripting

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Marco Milesi Telegram Bot & Channel plugin = 3.6.2 versions...

4.3CVSS4.8AI score0.00369EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2023/06/22 12:58 p.m.41 views

CVE-2023-34006

CVE-2023-34006 concerns the WordPress plugin “Telegram Bot & Channel” by Marco Milesi, affected versions

5.9CVSS5.1AI score0.00369EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2023/06/22 12:58 p.m.25 views

CVE-2023-34006 WordPress Telegram Bot & Channel Plugin <= 3.6.2 is vulnerable to Cross Site Scripting (XSS)

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Marco Milesi Telegram Bot & Channel plugin = 3.6.2 versions...

5.9CVSS5.5AI score0.00369EPSS
Exploits0References1
CNNVD
CNNVD
added 2023/06/22 12:0 a.m.4 views

WordPress Plugin Telegram Bot & Channel 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting vulnerabilit...

5.9CVSS6.3AI score0.00369EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2023/06/22 12:0 a.m.3 views

PT-2023-24625 · Unknown · Marco Milesi Telegram Bot & Channel

Name of the Vulnerable Software and Affected Versions: Marco Milesi Telegram Bot & Channel plugin versions = 3.6.2 Description: The issue is related to a Stored Cross-Site Scripting XSS vulnerability that requires authentication with admin+ privileges. Recommendations: For Marco Milesi Telegram B...

5.9CVSS5.3AI score0.00369EPSS
Exploits0References3
The Hacker News
The Hacker News
added 2023/05/31 8:58 a.m.31 views

Dark Pink APT Group Leverages TelePowerBot and KamiKakaBot in Sophisticated Attacks

The threat actor known as Dark Pink has been linked to five new attacks aimed at various entities in Belgium, Brunei, Indonesia, Thailand, and Vietnam between February 2022 and April 2023. This includes educational institutions, government agencies, military bodies, and non-profit organizations,...

7.1AI score
Exploits0
Patchstack
Patchstack
added 2023/05/29 12:0 a.m.13 views

WordPress Telegram Bot & Channel Plugin <= 3.6.2 is vulnerable to Cross Site Scripting (XSS)

Software Telegram Bot & Channel Type Plugin Vulnerable versions = 3.6.2 Fixed in 3.6.3 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-34006 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID ffd28984fd7d Credits yuyudhn Required...

5.9CVSS5.7AI score0.00369EPSS
Exploits0References1Affected Software1
Circl
Circl
added 2023/05/24 12:40 a.m.4 views

CVE-2023-2703

creationtimestamp| type| source ---|---|--- 2023-05-24 00:40:34+00:00| seen| https://t.me/cibsecurity/64659 2025-01-17 16:57:07+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/2164...

7.5CVSS7.3AI score0.00565EPSS
Exploits0References2
Circl
Circl
added 2023/04/01 12:22 p.m.8 views

CVE-2023-0192

creationtimestamp| type| source ---|---|--- 2023-04-01 12:22:57+00:00| seen| https://t.me/cibsecurity/61296...

7.8CVSS7.8AI score0.00142EPSS
Exploits0References1
Rows per page
Query Builder