7379 matches found
XAMPP and PHPMyAdmin Web Security Research Playbook
This is a comprehensive security testing guide for XAMPP services. It follows a structured approach: 1 Reconnaissance and Information Gathering, 2 Initial Access Attempts, 3 Post-Authentication Exploitation. Each scenario includes realistic commands and expected outcomes for professional security...
MAL-2026-510 Malicious code in radishwxm5 (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 4cbabb01d98bcad5705b98f5aac22b9d8f53e8c97e2fe5ab8bca66661e6c0644 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
CVE-2025-52024
A vulnerability exists in the Aptsys POS Platform Web Services module thru 2025-05-28, which exposes internal API testing tools to unauthenticated users. By accessing specific URLs, an attacker is presented with a directory-style index listing all available backend services and POS web services,...
Malicious code in test-poc-package-for-session-2 (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 0b7003b7bd9585bbb25ce1f957ffef83603883d550f07f77443780a7d47a7f20 Packages that might be part of testing for pentesting / malicious activity / joy, with suspicious activity that does not present any real harm. --- Category:...
[SECURITY] Fedora 43 Update: python3.9-3.9.25-3.fc43
Python 3.9 package for developers. This package exists to allow developers to test their code against an older version of Python. This is not a full Python stack and if you wish to run your applications with Python 3.9, see other distributions that support it, such as CentOS or RHEL or older Fedo...
[SECURITY] Fedora 42 Update: python3.9-3.9.25-3.fc42
Python 3.9 package for developers. This package exists to allow developers to test their code against an older version of Python. This is not a full Python stack and if you wish to run your applications with Python 3.9, see other distributions that support it, such as CentOS or RHEL or older Fedo...
CVE-2025-67944
Improper Control of Generation of Code 'Code Injection' vulnerability in Nelio Software Nelio AB Testing nelio-ab-testing allows Code Injection.This issue affects Nelio AB Testing: from n/a through = 8.1.8...
CVE-2025-52024
A vulnerability exists in the Aptsys POS Platform Web Services module thru 2025-05-28, which exposes internal API testing tools to unauthenticated users. By accessing specific URLs, an attacker is presented with a directory-style index listing all available backend services and POS web services,...
Halo Security Achieves SOC 2 Type II Compliance, Demonstrating Sustained Security Excellence Over Time
Halo Security, a leading provider of external attack surface management and penetration testing services, today announced it has…...
Aptsys Gemscms POS Platform security vulnerabilities
Aptsys Gemscms POS Platform is a catering management system developed by the Indian company Aptsys. There is a security vulnerability in the Aptsys Gemscms POS Platform, which stems from the internal API testing tools being exposed to unverified users. This vulnerability could allow unauthorized...
CVE-2025-52024
A vulnerability exists in the Aptsys POS Platform Web Services module thru 2025-05-28, which exposes internal API testing tools to unauthenticated users. By accessing specific URLs, an attacker is presented with a directory-style index listing all available backend services and POS web services,...
CVE-2025-52024
CVE-2025-52024 affects Aptsys POS Platform Web Services. Affected: Aptsys POS Platform Web Services version(s) prior to 2025-05-29. Root cause: unauthenticated access exposes internal API testing tooling and a directory-style index of backend services and POS web services, each with HTML forms fo...
Malicious code in urlsser (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 c4f6d5a2656d3741fd7a1a4c50a9d3332a09874ef7c46713d0ad5e36478a063e This package does not directly contain malicious code, but was uploaded as part of the malicious campaign and is used as a helper in further infection stages...
MAL-2026-468 Malicious code in urlsser (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 c4f6d5a2656d3741fd7a1a4c50a9d3332a09874ef7c46713d0ad5e36478a063e This package does not directly contain malicious code, but was uploaded as part of the malicious campaign and is used as a helper in further infection stages...
CVE-2025-67944
Improper Control of Generation of Code 'Code Injection' vulnerability in Nelio Software Nelio AB Testing nelio-ab-testing allows Code Injection.This issue affects Nelio AB Testing: from n/a through = 8.1.8...
CVE-2025-67944 WordPress Nelio AB Testing plugin <= 8.1.8 - Arbitrary Code Execution vulnerability
Improper Control of Generation of Code 'Code Injection' vulnerability in Nelio Software Nelio AB Testing nelio-ab-testing allows Code Injection.This issue affects Nelio AB Testing: from n/a through = 8.1.8...
CVE-2025-67944
Improper Control of Generation of Code 'Code Injection' vulnerability in Nelio Software Nelio AB Testing nelio-ab-testing allows Code Injection.This issue affects Nelio AB Testing: from n/a through = 8.1.8...
CVE-2025-67944 WordPress Nelio AB Testing plugin <= 8.1.8 - Arbitrary Code Execution vulnerability
Improper Control of Generation of Code 'Code Injection' vulnerability in Nelio Software Nelio AB Testing nelio-ab-testing allows Code Injection.This issue affects Nelio AB Testing: from n/a through = 8.1.8...
CVE-2025-67944
CVE-2025-67944 (Nelio AB Testing) : WordPress plugin Nelio AB Testing (versions
AZL-75014 CVE-2025-71176 affecting package pytest 7.4.0-2
pytest through 9.0.2 on UNIX relies on directories with the /tmp/pytest-of-user name pattern, which allows local users to cause a denial of service or possibly gain privileges...