Malicious code in chaostoolkit-turbulence (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 0d12e5d6a53ae410fe90d76b8da4f9f117a8891e73a678c5b5f49059ad31fa6b Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

MAL-2026-2239 Malicious code in chaostoolkit-turbulence (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 0d12e5d6a53ae410fe90d76b8da4f9f117a8891e73a678c5b5f49059ad31fa6b Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

Exploring Satellite Quantum Key Distribution under Atmospheric Constraints

Satellite Quantum Key Distribution creates a pathway for secure global communication with a level of security that is peerless. However, ground-to-satellite Quantum Key Distribution links are degraded due to the atmospheric turbulence. This paper gives a numerical framework using angular spectrum...

Quantum Skyshield: Quantum Key Distribution and Post-Quantum Authentication for Low-Altitude Wireless Networks in Adverse Skies

Recently, low-altitude wireless networks LAWNs have emerged as a critical backbone for supporting the low-altitude economy, particularly with the densification of unmanned aerial vehicles UAVs and high-altitude platforms HAPs. To meet growing data demands, some LAWN deployments incorporate...

hard-coded slippage may freeze user funds during market turbulence (resubmit to downgrade severity)

Lines of code Vulnerability details Impact GeneralVault.solL125 GeneralVault set a hardcoded slippage control of 99%. However, the underlying yield tokens price may go down. If Luna/UST things happen again, users' funds may get locked. LidoVault.solL130-L137 Moreover, the withdrawal of the...

hard-coded slippage may freeze user funds during market turbulence

Lines of code Vulnerability details Impact GeneralVault.solL125 GeneralVault set a hardcoded slippage control of 99%. However, the underlying yield tokens price may go down. If Luna/UST things happen again, users' funds may get locked. LidoVault.solL130-L137 Moreover, the withdrawal of the...

PHP Turbulence 0.0.1 Turbulence.PHP Remote File Include Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/23580/info PHP Turbulence is prone to a remote file-include vulnerability because it fails to sufficiently sanitize user-supplied data. Exploiting this issue may allow an attacker to compromise the application and the...

[SET] Social-Engineer Toolkit v4.3 "Turbulence"

The Social-Engineer Toolkit SET v4.3 has been released today! This version is over two solid months of development and has over 60 new features, additions, fixes, and enhancements. Most notably is the new payload selection called “Multi-pyInjector”. Multi-pyInjector allows you to inject as many...

CVE-2007-2503

Directory traversal vulnerability in turbulence.php in PHP Turbulence 0.0.1 alpha allows remote attackers to include and execute arbitrary local files via a .. dot dot in the GLOBALStcore parameter. NOTE: this vulnerability is disputed by CVE and a reliable third party because a direct request to...

Remote file inclusion

PHP remote file inclusion vulnerability in user/turbulence.php in PHP Turbulence 0.0.1 alpha allows remote attackers to execute arbitrary PHP code via a URL in the GLOBALStcore parameter. NOTE: this vulnerability is disputed by CVE and a reliable third party because a direct request to...

CVE-2007-2504

PHP remote file inclusion vulnerability in user/turbulence.php in PHP Turbulence 0.0.1 alpha allows remote attackers to execute arbitrary PHP code via a URL in the GLOBALStcore parameter. NOTE: this vulnerability is disputed by CVE and a reliable third party because a direct request to...

Directory traversal

Directory traversal vulnerability in turbulence.php in PHP Turbulence 0.0.1 alpha allows remote attackers to include and execute arbitrary local files via a .. dot dot in the GLOBALStcore parameter. NOTE: this vulnerability is disputed by CVE and a reliable third party because a direct request to...

CVE-2007-2504

PHP remote file inclusion vulnerability in user/turbulence.php in PHP Turbulence 0.0.1 alpha allows remote attackers to execute arbitrary PHP code via a URL in the GLOBALStcore parameter. NOTE: this vulnerability is disputed by CVE and a reliable third party because a direct request to...

CVE-2007-2504

Summary (CVE-2007-2504) : PHP Turbulence 0.0.1 alpha contains a PHP remote file inclusion flaw in the file user/turbulence.php , exploitable via a URL parameter GLOBALS[tcore] . The underlying issue is that unsafely incorporating user-supplied data could allow remote attackers to execute arbitrar...

CVE-2007-2503

PHP Turbulence 0.0.1 alpha is affected by a directory-traversal in turbulence.php via GLOBALS[tcore], allowing potential local file inclusion/execution. The issue stems from using a dot-dot path, with a note that a direct request to user/turbulence.php may trigger a fatal error before inclusion. ...

CVE-2007-2503

Directory traversal vulnerability in turbulence.php in PHP Turbulence 0.0.1 alpha allows remote attackers to include and execute arbitrary local files via a .. dot dot in the GLOBALStcore parameter. NOTE: this vulnerability is disputed by CVE and a reliable third party because a direct request to...

PT-2007-3827 · Php · Php Turbulence

Name of the Vulnerable Software and Affected Versions: PHP Turbulence version 0.0.1 alpha Description: A directory traversal issue allows remote attackers to include and execute arbitrary local files via a .. dot dot in the GLOBALStcore parameter. This issue is disputed due to a fatal error...

PT-2007-3828 · Php · Php Turbulence

Name of the Vulnerable Software and Affected Versions: PHP Turbulence version 0.0.1 alpha Description: The issue allows remote attackers to execute arbitrary PHP code via a URL in the GLOBALStcore parameter in the user/turbulence.php file. However, this vulnerability is disputed because a direct...

turbulence-rfi.txt

. . . . | . .| . .;/ || Infos --------- Date : 2007-04-20 Product : turbulence core Version : 0.0.1 alpha Vendor : http://sourceforge.net/projects/turbulence Vendor Status : 2007-04-20 - Not Informed! 2007-04-21 - Vendor Informed! Description : PHP Turbulence is a suite of PHP scripts that work...

PHP Turbulence Turbulence.PHP远程文件包含漏洞

PHP Turbulence是一款基于PHP的WEB应用程序。 PHP Turbulence不正确过滤用户提交的输入，远程攻击者可以利用漏洞以WEB权限执行任意命令。 问题是'Turbulence.PHP'脚本对用户提交的'GLOBALStcore'参数缺少过滤，指定远程服务器上的文件作为包含参数，可导致以WEB权限执行任意命令。 PHP Turbulence 0.0.1 alpha 目前没有解决方案提供： http://turbulence.sourceforge.net/...