Lucene search
K

20 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2025-24993

Malicious code in bioql PyPI...

3.8CVSS6.5AI score0.00253EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2025/08/15 12:0 a.m.9 views

PT-2025-33447 · WordPress · Quttera Web Malware Scanner

Name of the Vulnerable Software and Affected Versions: Quttera Web Malware Scanner for WordPress versions up to and including 3.5.1.41 Description: The Quttera Web Malware Scanner plugin for WordPress is susceptible to Server-Side Request Forgery via the RunExternalScan function. Authenticated...

3.8CVSS6.4AI score0.00253EPSS
Exploits0References9
Patchstack
Patchstack
added 2025/08/14 11:8 p.m.8 views

WordPress Quttera Web Malware Scanner plugin <= 3.5.1.41 - Authenticated (Administrator+) Server-Side Request Forgery vulnerability

Authenticated Administrator+ Server-Side Request Forgery vulnerability discovered by Jonas Benjamin Friedli in WordPress Plugin Quttera Web Malware Scanner versions = 3.5.1.41...

3.8CVSS6.8AI score0.00253EPSS
Exploits0References1Affected Software1
The Hacker News
The Hacker News
added 2024/07/08 3:8 p.m.17 views

Dark Web Malware Logs Expose 3,300 Users Linked to Child Abuse Sites

An analysis of information-stealing malware logs published on the dark web has led to the discovery of thousands of consumers of child sexual abuse material CSAM, indicating how such information could be used to combat serious crimes. "Approximately 3,300 unique users were found with accounts on...

7AI score
Exploits0
NVD
NVD
added 2023/12/18 8:15 p.m.34 views

CVE-2023-6065

The Quttera Web Malware Scanner WordPress plugin before 3.4.2.1 doesn't restrict access to detailed scan logs, which allows a malicious actor to discover local paths and portions of the site's code...

5.3CVSS0.18697EPSS
Exploits2References2
Prion
Prion
added 2023/12/18 8:15 p.m.19 views

Path traversal

IThe Quttera Web Malware Scanner WordPress plugin before 3.4.2.1 does not validate user input used in a path, which could allow users with an admin role to perform path traversal attacks...

5.8CVSS7AI score0.01061EPSS
Exploits2References2Affected Software1
Prion
Prion
added 2023/12/18 8:15 p.m.18 views

Code injection

The Quttera Web Malware Scanner WordPress plugin before 3.4.2.1 doesn't restrict access to detailed scan logs, which allows a malicious actor to discover local paths and portions of the site's code...

5CVSS7AI score0.18697EPSS
Exploits2References2Affected Software1
CVE
CVE
added 2023/12/18 8:7 p.m.60 views

CVE-2023-6065

CVE-2023-6065 affects the Quttera Web Malware Scanner WordPress plugin (

5.3CVSS5.2AI score0.18697EPSS
Exploits2References2Affected Software1
Cvelist
Cvelist
added 2023/12/18 8:7 p.m.38 views

CVE-2023-6065 Quttera Web Malware Scanner < 3.4.2.1 - Directory Listing to Sensitive Data Exposure

The Quttera Web Malware Scanner WordPress plugin before 3.4.2.1 doesn't restrict access to detailed scan logs, which allows a malicious actor to discover local paths and portions of the site's code...

5.6AI score0.18697EPSS
Exploits2References2
Vulnrichment
Vulnrichment
added 2023/12/18 8:7 p.m.13 views

CVE-2023-6222 Quttera Web Malware Scanner < 3.4.2.1 - Admin+ Path Traversal

IThe Quttera Web Malware Scanner WordPress plugin before 3.4.2.1 does not validate user input used in a path, which could allow users with an admin role to perform path traversal attacks...

7AI score0.01061EPSS
Exploits2References2
CVE
CVE
added 2023/12/18 8:7 p.m.43 views

CVE-2023-6222

CVE-2023-6222 affects the Quttera Web Malware Scanner WordPress plugin (versions before 3.4.2.1). The vulnerability is a path traversal issue caused by unvalidated user input used in path handling, exploitable by users with an administrator role. Impact, as disclosed in sources, includes potentia...

7.2CVSS6.9AI score0.01061EPSS
Exploits2References2Affected Software1
Positive Technologies
Positive Technologies
added 2023/12/18 12:0 a.m.11 views

PT-2023-32569 · WordPress · Quttera Web Malware Scanner

Name of the Vulnerable Software and Affected Versions: Quttera Web Malware Scanner WordPress plugin versions prior to 3.4.2.1 Description: The issue concerns a lack of validation for user input used in a path. This could potentially allow users with an admin role to perform path traversal attacks...

7.2CVSS9.6AI score0.01061EPSS
Exploits2References5
wpexploit
wpexploit
added 2023/11/21 12:0 a.m.215 views

Quttera Web Malware Scanner < 3.4.2.1 - Directory Listing to Sensitive Data Exposure

Description The plugin doesn't restrict access to detailed scan logs, which allows a malicious actor to discover local paths and portions of the site's code http://yoursite/wordpress/wp-content/plugins/quttera-web-malware-scanner/runtime.log...

5.3CVSS9.3AI score0.18697EPSS
Exploits2References1
WPVulnDB
WPVulnDB
added 2023/11/21 12:0 a.m.14 views

Quttera Web Malware Scanner < 3.4.2.1 - Admin+ Path Traversal

Description IThe plugin does not validate user input used in a path, which could allow users with an admin role to perform path traversal attacks PoC 1 Go to http://yoursite/wordpress/wp-admin/admin.php?page=qutterawmscannerint 2 Click "Scan Now" 3 Click "Detected Threats" 4 Navigate to some...

7.2CVSS9.3AI score0.01061EPSS
Exploits2References1Affected Software1
wpexploit
wpexploit
added 2023/11/21 12:0 a.m.174 views

Quttera Web Malware Scanner < 3.4.2.1 - Admin+ Path Traversal

Description IThe plugin does not validate user input used in a path, which could allow users with an admin role to perform path traversal attacks 1 Go to http://yoursite/wordpress/wp-admin/admin.php?page=qutterawmscannerint 2 Click "Scan Now" 3 Click "Detected Threats" 4 Navigate to some Suspicio...

7.2CVSS9.5AI score0.01061EPSS
Exploits2References1
Kitploit
Kitploit
added 2018/07/01 2:12 p.m.65 views

Masc - A Web Malware Scanner

A malware web scanner developed during CyperCamp Hackathon 2017. Features At the moment, there are some features avaiable for any type of website custom or CMS and some of them only available for specific platforms: Scan any website for malware using OWASP WebMalwareScanner checksum, YARA rules...

6.8AI score
Exploits0References3
Cisco Threats
Cisco Threats
added 2016/12/16 8:45 p.m.13 views

Threat Outbreak Alert RuleID26767: Email Messages Distributing Malicious Software on December 16, 2016

Medium Alert ID: 52131 First Published: 2016 December 16 20:45 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages distributing malicious software. Email messages that are related to this threat RuleID26767 may contain the following files: Name |...

0.1AI score
Exploits0
The Hacker News
The Hacker News
added 2012/05/05 8:31 p.m.46 views

RedKit Exploit Kit : New web malware exploitation pack

RedKit Exploit Kit : New web malware exploitation pack Trustwave researchers have spotted a new exploit kit called "RedKit Exploit Kit" that being used in the wild is aiming to enter a market that is practically monopolized by the widely famous BlackHole and Phoenix exploit kits. In actual, The n...

10CVSS6.9AI score0.98113EPSS
Exploits25
ThreatPost
ThreatPost
added 2010/06/22 6:20 p.m.9 views

Zero Days By The Dozen in Malware Kits

Security researchers have found twelve zero day flaws targeting five of the most common web malware exploitation kits such as Neon, Eleonore, Liberty, Lucky and the Yes exploitation kits. Read the full article. ZDNet...

2.4AI score
Exploits0References1
ThreatPost
ThreatPost
added 2010/02/12 4:49 p.m.12 views

Energy, Chemical Companies Are Malware Targets

Critical infrastructure organizations, such as those in the energy, oil, pharmaceutical and chemical sectors, encountered at least twice as much web malware as other organizations during 2009, researchers found. Read the full article. Secure Computing...

2.3AI score
Exploits0References2
Rows per page
Query Builder