7377 matches found
CVE-2026-25378
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Nelio Software Nelio AB Testing nelio-ab-testing allows Blind SQL Injection.This issue affects Nelio AB Testing: from n/a through = 8.2.4...
CVE-2026-25378
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Nelio Software Nelio AB Testing nelio-ab-testing allows Blind SQL Injection.This issue affects Nelio AB Testing: from n/a through = 8.2.4...
CVE-2026-25378
CVE-2026-25378 affects the Nelio AB Testing WordPress plugin (
CVE-2026-25378 WordPress Nelio AB Testing plugin <= 8.2.4 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Nelio Software Nelio AB Testing nelio-ab-testing allows Blind SQL Injection.This issue affects Nelio AB Testing: from n/a through = 8.2.4...
CVE-2026-25378 WordPress Nelio AB Testing plugin <= 8.2.4 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Nelio Software Nelio AB Testing nelio-ab-testing allows Blind SQL Injection.This issue affects Nelio AB Testing: from n/a through = 8.2.4...
WordPress Nelio AB Testing plugin <= 8.2.4 - SQL Injection vulnerability
SQL Injection vulnerability discovered by Nguyen Ba Khanh in WordPress Plugin Nelio AB Testing versions = 8.2.4...
PT-2026-20717
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Nelio Software Nelio AB Testing nelio-ab-testing allows Blind SQL Injection.This issue affects Nelio AB Testing: from n/a through = 8.2.4...
What Makes a Good LLM Agent for Real-World Penetration Testing?
LLM-based agents show promise for automating penetration testing, yet reported performance varies widely across systems and benchmarks. We analyze 28 LLM-based penetration testing systems and evaluate five representative implementations across three benchmarks of increasing complexity. Our analys...
WordPress plugin Nelio AB Testing 安全漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...
Regular Expression Denial of Service (ReDoS) Detector
This Metasploit auxiliary module implements a scientific approach to detecting and validating ReDoS vulnerabilities in HTTP-based applications. It leverages context-aware payload generation, length progression testing, and statistical analysis to identify inefficient regular expressions that may...
Malicious code in telebot-infe (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 590d96b39de125e4d96c7b88fdc57ef5257eddbf8277011e51c84e1500302aaf The package, distinguished as a speed testing or typosquatted Telegram library, contains a Telegram bot to perform remote control of the computer --- Category:...
poc-test-vulnerability
poc-test-vulnerab...
Apple Tests End-to-End Encrypted RCS Messaging in iOS 26.4 Developer Beta
Apple on Monday released a new developer beta of iOS and iPadOS with support for end-to-end encryption E2EE in Rich Communications Services RCS messages. The feature is currently available for testing in iOS and iPadOS 26.4 Beta, and is expected to be shipped to customers in a future update for...
📄 n8n Workflow Automation Remote Configuration / Admin Data Extraction
This Metasploit module exploits multiple vulnerabilities in n8n workflow automation tool. It leverages a file read vulnerability to steal encryption keys and database, then uses stolen credentials to authenticate and execute arbitrary commands via the Execute Command node...
OMNI-STRIKE Multi‑Protocol Wireless Security Testing Platform
OMNI‑STRIKE is a multi‑protocol wireless security assessment application built for Flipper Zero. It is designed to discover nearby wireless devices and perform controlled, authorized security testing in a structured and logged environment...
OpenSSL 3.x Realistic ASN.1 / PKCS#12 Denial of Service Tool
This proof of concept builds structurally correct ASN.1 DER / PKCS12 files designed to stress-test OpenSSL's parser and memory handling. It focuses on non-exploitative impacts such as denial of service, excessive memory consumption, deep recursion, malformed lengths, and duplicated/overlapping...
Simulated-pen-test-agent
Simulated-pen-tes...
vulnerability-assessment-lab
vulnerability-assessment-lab Controlled security test...
HTB-Season-10
HTB-Season-10 HTB Season 10 — Competiti...
ARGUS
ARGUS - All-seeing Recon & General Unified Security...