flowintel 安全漏洞

Flowintel is an open-source security analyst case and task management platform developed by flowintel. Versions of FlowIntel 3.3.0 and earlier contain security vulnerabilities. These vulnerabilities stem from the external reference URL detection function in the app/case/task.py file, which has a...

url-detection

No d...

A Graph-Attentive LSTM Model for Malicious URL Detection

Malicious URLs pose significant security risks as they facilitate phishing attacks, distribute malware, and empower attackers to deface websites. Blacklist detection methods fail to identify new or obfuscated URLs because they depend on pre-existing patterns. This work presents a hybrid deep...

URL2Graph++: Unified Semantic-Structural-Character Learning for Malicious URL Detection

Malicious URL detection remains a major challenge in cybersecurity, primarily due to two factors: 1 the exponential growth of the Internet has led to an immense diversity of URLs, making generalized detection increasingly difficult; and 2 attackers are increasingly employing sophisticated...

From past to Present: a Survey of Malicious URL Detection Techniques, Datasets and Code Repositories

Malicious URLs persistently threaten the cybersecurity ecosystem, by either deceiving users into divulging private data or distributing harmful payloads to infiltrate host systems. Gaining timely insights into the current state of this ongoing battle holds significant importance. However, existin...

CanaryTokenScanner - Script Designed To Proactively Identify Canary Tokens Within Microsoft Office Documents And Acrobat Reader PDF (docx, xlsx, pptx, pdf)

Detecting Canary Tokens and Suspicious URLs inMicrosoft Office, Acrobat Reader PDF and Zip Files Introduction In the dynamic realm of cybersecurity, vigilance and proactive defense are key. Malicious actors often leverage Microsoft Office files and Zip archives, embedding covert URLs or macros to...

Exploit for Path Traversal in Stagil Stagil_Navigation

POC script for the vulnerability exposure in the Jira plugin S...

Exploit for Code Injection in Vmware Identity_Manager

VMware-CVE-2022-22954-POC Note: This POC is for educatio...

openSUSE Security Update : nextcloud (openSUSE-2019-640)

This update for nextcloud to version 13.0.5 fixes the following issues : Security issues fixed : - CVE-2018-3780: Fixed a missing sanitization of search results for an autocomplete field that could lead to a stored XSS requiring user-interaction. The missing sanitization only affected user names,...

atlanticcoastalarm.com XSS vulnerability

Open Bug Bounty ID: OBB-701603 Description| Value ---|--- Affected Website:| atlanticcoastalarm.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

Apache Struts URL Detection

Binary data 700366.prm...

Web Application Sitemap

Publishes the sitemap of the web application as seen by the scan. The list of all URLs that have been detected during the scan are available as an attachment. For each URL in the sitemap, the following information is provided: - The first time the URL is detected - The logic used to detect the UR...

Acunetix v10 - Web Application Security Testing Tool

Acunetix, the pioneer in automated web application security software, has announced the release of version 10 of its Vulnerability Scanner. New features are designed to prevent the risk of hacking for all customers; from small businesses up to large enterprises, including WordPress users, web...

LiteServe HTTP Service Malformed URL Decoding Remote DoS

The remote web server does not respond after it receives a URL consisting of a long string of '%' characters. Note that if the web server is protected with some sort of Intrusion Prevention Systems IPS, this may be a false-positive. C Tenable Network Security, Inc. Affected: Webseal 3.8 unconfirm...