Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

6 matches found

Kitploit
Kitploitadded 2024/05/02 12:30 p.m.77 views

C2-Cloud - The C2 Cloud Is A Robust Web-Based C2 Framework, Designed To Simplify The Life Of Penetration Testers

The C2 Cloud is a robust web-based C2 framework, designed to simplify the life of penetration testers. It allows easy access to compromised backdoors, just like accessing an EC2 instance in the AWS cloud. It can manage several simultaneous backdoor sessions with a user-friendly interface. C2 Clou...

7.4AI score
Exploits0References3
Patchstack
Patchstackadded 2021/11/15 12:0 a.m.18 views

WordPress Ultimate Nofollow plugin <= 1.4.8 - Stored Cross-Site Scripting (XSS) vulnerability

Stored Cross-Site Scripting XSS vulnerability discovered by Quentin VILLAIN 3wsec in WordPress Ultimate Nofollow plugin versions = 1.4.8. Solution Deactivate and delete. This plugin has been closed as of November 3, 2021 and is not available for download. This closure is temporary, pending a full...

5.4CVSS2.8AI score0.0018EPSS
Exploits2References3Affected Software1
Patchstack
Patchstackadded 2021/10/05 12:0 a.m.22 views

WordPress Batch Cat plugin <= 0.3 - Arbitrary Categories Add/Set/Delete to Posts vulnerability

Arbitrary Categories Add/Set/Delete to Posts vulnerability discovered by Quentin VILLAIN 3wsec in WordPress Batch Cat plugin versions = 0.3. Solution Deactivate and delete. This plugin has been closed as of September 24, 2021 and is not available for download. This closure is temporary, pending a...

6.5CVSS3.7AI score0.00316EPSS
Exploits2References3Affected Software1
Hacker One
Hacker Oneadded 2020/06/02 4:34 a.m.31 views

Urban Dictionary: DOM XSS through ads

Multiple ads hosted on www.urbandictionary.com make the www.urbandictionary.com origin vulnerable to DOM XSS. Attached is an image of alertdocument.domain executing. The injection works in Firefox and Chrome. Visiting the following URL will probably cause an alert box displaying the document.doma...

6.4AI score
Exploits0
Schneier on Security
Schneier on Securityadded 2020/02/25 3:15 p.m.29 views

Firefox Enables DNS over HTTPS

This is good news: Whenever you visit a website -- even if it's HTTPS enabled -- the DNS query that converts the web address into an IP address that computers can read is usually unencrypted. DNS-over-HTTPS, or DoH, encrypts the request so that it can't be intercepted or hijacked in order to send...

0.7AI score
Exploits0
hackapp
hackappadded 2017/06/19 4:4 p.m.15 views

Space Villain Voice Changer - Base64 encoded String, Dangerous filesystem permissions, WebView code execution vulnerabilities

HackApp vulnerability scanner discovered that application Space Villain Voice Changer published at the 'play' market has multiple vulnerabilities...

1.2AI score
Exploits0References1Affected Software1
Rows per page
Query Builder