18 matches found
xss-attacks
...
EUVD-2017-4388
Malware in sbrugna...
EUVD-2019-15460
Malware in sbrugna...
EUVD-2021-28464
Malicious code in bioql PyPI...
EUVD-2025-12707
Malicious code in bioql PyPI...
Exploit for Deserialization of Untrusted Data in Microsoft
suricata-rule-CVE-2025-53770 Detection rules for CVE-2025-5377...
CVE-2025-49192 Clickjacking
The web application is vulnerable to clickjacking attacks. The site can be embedded into another frame, allowing an attacker to trick a user into clicking on something different from what the user perceives. This could potentially reveal confidential information or allow others to take control of...
CVE-2020-35396
EGavilan Barcodes generator 1.0 is affected by: Cross Site Scripting XSS via the index.php. An Attacker is able to inject the XSS payload in the web application each time a user visits the website...
TranzAxis 3.2.41.10.26 Cross Site Scripting
TranzAxis version 3.2.41.10.26 suffers from a persistent cross site scripting vulnerability. Exploit Title: TranzAxis 3.2.41.10.26 - Stored Cross-Site Scripting XSS Authenticated Date: 10th, March, 2025 Exploit Author: ABABANK REDTEAM Vendor Homepage: https://compassplustechnologies.com/ Version:...
CVE-2024-28141 Cross-Site Request-Forgery
The web application is not protected against cross-site request forgery attacks. Therefore, an attacker can trick users into performing actions on the application when they visit an attacker-controlled website or click on a malicious link. E.g. an attacker can forge malicious links to reset the...
Dolibarr 20.0.1 SQL Injection
Titles: dolibarr 20.0.1 Multiple security token SQLi Author: nu11secur1ty Date: 10/15/2024 Vendor: https://www.dolibarr.org/ Software: https://www.dolibarr.org/downloads.php Reference: https://portswigger.net/web-security/sql-injection Description: The socid parameter appears to be vulnerable to...
Sigurlx - A Web Application Attack Surface Mapping Tool
sigurlx a web application attack surface mapping tool, it does ...: Categorize URLs URLs' categories: endpoint js js style css data json|xml|csv archive zip|tar|tar.gz doc pdf|xlsx|doc|docx|txt media jpg|jpeg|png|ico|svg|gif|webp|mp3|mp4|woff|woff2|ttf|eot|tif|tiff Next, probe HTTP requests to th...
Pure Blood v2.0 - A Penetration Testing Framework Created For Hackers / Pentester / Bug Hunter
A Penetration Testing Framework created for Hackers / Pentester / Bug Hunter. Web Pentest / Information Gathering: Banner Grab Whois Traceroute DNS Record Reverse DNS Lookup Zone Transfer Lookup Port Scan Admin Panel Scan Subdomain Scan CMS Identify Reverse IP Lookup Subnet Lookup Extract Page...
2017 in Snort Signatures.
This post was written by Martin Lee and Vanja Svajcer. 2017 was an eventful year for cyber security with high profile vulnerabilities that allowed self-replicating worm attacks such as WannaCry and BadRabbit to impact organizations throughout the world. In 2017, Talos researchers discovered many...
file: out-of-bounds read in elf note headers
An out-of-bounds read flaw was found in the way the File Information fileinfo extension parsed Executable and Linkable Format ELF files. A remote attacker could use this flaw to crash a PHP application using fileinfo via a specially crafted ELF file...
CmsEasy injection vulnerability analysis-vulnerability warning-the black bar safety net
CmsEasy is a paragraph based on PHP+Mysql architecture of the web content management system, but also a PHP development platform. It uses a modular approach to development, functional and easy to use to facilitate the expansion, for medium to large sites provide heavyweight site construction...
Dolibarr < 3.1RC3 Multiple Vulnerabilities - Active Check
Dolibarr is prone to multiple cross-site scripting XSS and SQL injection SQLi vulnerabilities. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
PHP-Nuke - SQL Injection Edit/Save Messages
!/usr/bin/perl use LWP; $log = "poskomenphpnukesavemsg.txt"; $Agent = "Mbahmubangga/1.0"; $proxy = "http://172.9.1.11:80/"; proxy:port ... $browser = LWP::UserAgent-new; $browser - agent$Agent; $url = 'http://www.sitewithphpnuke.com/admin.php'; $browser-proxyhttp = $proxy if defined$proxy; printl...