28 matches found
CVE-2026-28123
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in AncoraThemes Veil veil allows PHP Local File Inclusion.This issue affects Veil: from n/a through = 1.9...
EUVD-2026-9775
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in AncoraThemes Veil veil allows PHP Local File Inclusion.This issue affects Veil: from n/a through = 1.9...
CVE-2026-28123
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in AncoraThemes Veil veil allows PHP Local File Inclusion.This issue affects Veil: from n/a through = 1.9...
CVE-2026-28123
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in AncoraThemes Veil veil allows PHP Local File Inclusion.This issue affects Veil: from n/a through = 1.9...
CVE-2026-28123 WordPress Veil theme <= 1.9 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in AncoraThemes Veil veil allows PHP Local File Inclusion.This issue affects Veil: from n/a through = 1.9...
CVE-2026-28123
CVE-2026-28123 is a Local File Inclusion vulnerability in the Veil WordPress theme (Veil) affecting versions
CVE-2026-28123 WordPress Veil theme <= 1.9 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in AncoraThemes Veil veil allows PHP Local File Inclusion.This issue affects Veil: from n/a through = 1.9...
WordPress plugin Veil 安全漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...
PT-2026-23395
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in AncoraThemes Veil veil allows PHP Local File Inclusion.This issue affects Veil: from n/a through = 1.9...
WordPress Veil theme <= 1.9 - Local File Inclusion vulnerability
Local File Inclusion vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Veil versions = 1.9...
VEIL: Jailbreaking Text-To-Video Models Via Visual Exploitation from Implicit Language
Jailbreak attacks can circumvent model safety guardrails and reveal critical blind spots. Prior attacks on text-to-video T2V models typically add adversarial perturbations to obviously unsafe prompts, which are often easy to detect and defend. In contrast, we show that benign-looking prompts...
Shr3dKit
This is a Red Team Tool Kit repository, specifically designed for penetration testing and red teaming activities. The tool kit is influenced by infosecn1nja's kit and includes a wide range of tools for reconnaissance, weaponization, and delivery. The repository contains a total size of 2.5+Gb and...
DCOM abuse and lateral movement with Cobalt Strike
Introduction When researching lateral movement techniques I came across a post from Raphael Mudge of Cobalt Strike fame. He details scripting an Aggressor Script for Matt Nelson’s MMC20.Application Lateral Movement technique. Reading that post spurred me to make my own DCOM based lateral movement...
Killchain - A Unified Console To Perform The "Kill Chain" Stages Of Attacks
What is “Kill Chain”? From Wikipedia: The term kill chain was originally used as a military concept related to the structure of an attack; consisting of target identification, force dispatch to target, decision, order to attack the target, and finally the destruction of the target. Reconnaissance...
SpookFlare v2.0 - Loader, Dropper Generator With Multiple Features For Bypassing Client-Side And Network-Side Countermeasures
SpookFlare has a different perspective to bypass security measures and it gives you the opportunity to bypass the endpoint countermeasures at the client-side detection and network-side detection. SpookFlare is a loader/dropper generator for Meterpreter, Empire, Koadic etc. SpookFlare has...
Antivirus Evasion Framework: Veil Framework
Antivirus Evasion Framework: Veil Framework The Veil-Framework is a collection of red team security tools that implement various attack methods focused on evading detection. It currently consists of: Veil-Evasion : a tool to generate antivirus-evading payloads using a variety of techniques and...
AntiVirus Evasion Reconstructed – Veil 3.0
The Veil Framework is a collection of tools designed for use during offensive security testing. When the time calls for it, Mandiant’s Red Team will use the Veil-Framework to help achieve their objective. The most commonly used tool is Veil-Evasion, which can turn an arbitrary script or piece of...
AntiVirus Evasion Reconstructed – Veil 3.0
The Veil Framework is a collection of tools designed for use during offensive security testing. When the time calls for it, Mandiant’s Red Team will use the Veil-Framework to help achieve their objective. The most commonly used tool is Veil-Evasion, which can turn an arbitrary script or piece of...
Veil-Evasion RPC Command Injection Vulnerability
Veil Evasion is a payload that generates Metasploit an open source security vulnerability detection tool and bypasses common antivirus executables. A command injection vulnerability exists in Veil-Evasion RPC versions 2.5.2 through 2.24. An attacker could use this vulnerability to execute arbitra...
Multiple Command Injection Vulnerabilities in Veil-Evasion RPC
Veil-Evasion is a suite of tools designed specifically for generating kill-free MSFPAYLOAD. A command injection vulnerability exists in Veil-Evasion versions 2.5.2 through 2.24, which can be exploited by an attacker to execute arbitrary commands in an affected application...