24 matches found
CVE-2026-31913
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Whitebox-Studio Scape scape allows Path Traversal. This issue affects Scape: from n/a through 1.5.16...
EUVD-2026-15813
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Whitebox-Studio Scape scape allows Path Traversal. This issue affects Scape: from n/a through 1.5.16...
CVE-2026-31913
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Whitebox-Studio Scape scape allows Path Traversal. This issue affects Scape: from n/a through 1.5.16...
CVE-2026-31913
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Whitebox-Studio Scape scape allows Path Traversal. This issue affects Scape: from n/a through 1.5.16...
PT-2026-27993
Name of the Vulnerable Software and Affected Versions Whitebox-Studio Scape versions prior to 1.5.16 Description An improper limitation of a pathname to a restricted directory, known as a 'Path Traversal' issue, exists in Whitebox-Studio Scape. This allows an attacker to potentially access files...
Pensar Apex AI-Powered Penetration Testing
Pensar Apex is an AI-powered penetration testing using autonomous agents - directly in your terminal. Run blackbox and whitebox pentests that explore, reason, and surface real vulnerabilities...
CVE-2025-60213
Deserialization of Untrusted Data vulnerability in Whitebox-Studio Scape scape allows Object Injection. This issue affects Scape: from n/a through = 1.5.13...
EUVD-2025-35413
Deserialization of Untrusted Data vulnerability in Whitebox-Studio Scape scape allows Object Injection. This issue affects Scape: from n/a through = 1.5.13...
CVE-2025-60213
Deserialization of Untrusted Data vulnerability in Whitebox-Studio Scape scape allows Object Injection. This issue affects Scape: from n/a through = 1.5.13...
WordPress plugin Whitebox-Studio Scape Code Issue Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers. WordPress plugin is an application plugin. A code issue...
May I Have Your Attention? Breaking Fine-Tuning Based Prompt Injection Defenses Using Architecture-Aware Attacks
A popular class of defenses against prompt injection attacks on large language models (LLMs) relies on fine-tuning the model to separate instructions and data, so that the LLM does not follow instructions that might be present with data. There are several academic systems and production-level...
Shuffling Cards When You Are of Very Little Brain: Low Memory Generation of Permutations
How can we generate a permutation of the numbers $1$ through $n$ so that it is hard to guess the next element given the history so far? The twist is that the generator of the permutation (the "Dealer") has limited memory, while the "Guesser" has unlimited memory. With unbounded memory actually $n$...
Slurp - S3 Bucket Enumerator
Blackbox/whitebox S3 bucket enumerator Overview Credit to all the vendor packages that made this tool possible. This is a security tool; it's meant for pen-testers and security professionals to perform audits of s3 buckets. Features Scan via domains; you can target a single domain or a list of...
Comparison of Application Security Testing Approaches
Overview The following table lists a side-by-side comparison of different application security testing approaches. Additional rating details are available when hovering over each column. In the following, each approach is introduced. Category Automated Security Testing Manual Security Testing...
CoMisSion: Open Source WhiteBox CMS Analysis Tool
PenTestIT RSS Feed Less than a week ago, an open source white-box CMS analysis tool was released - CoMisSion. I had covered a similar local web application vulnerability scanner - pyfiscan. This new tool tends to automate a lot of tasks that help you analyze a CMS setup and tend to be long, tedio...
WordPress No External Links 3.5.17 Cross Site Scripting
DefenseCode ThunderScan SAST Advisory WordPress No External Links Plugin Security Vulnerability Advisory ID: DC-2017-01-022 Advisory Title: WordPress No External Links Plugin Security Vulnerability Advisory URL: http://www.defensecode.com/advisories.php Software: WordPress No External Links Plugi...
Belden Garrettcom 6K10K Switches - Authentication Bypass Memory Corruption
Belden Garrettcom 6K10K Switches - Authentication Bypass Memory Corruption Introduction ------------ Vulnerabilities were identified in the Belden GarrettCom 6K and 10KT Magnum series network switches. These were discovered during a black box assessment and therefore the vulnerability list should...
Linux Kernel 2.4/2.6 - sock_sendpage() ring0 Root Exploit (Simple Version)
No description provided by source. / 0x82-CVE-2009-2692 Linux kernel 2.4/2.6 32bit socksendpage local ring0 root exploit simple ver Tested RedHat Linux 9.0, Fedora core 411, Whitebox 4, CentOS 4.x. -- Discovered by Tavis Ormandy and Julien Tinnes of the Google Security Team. spender and venglin's...
Check_MK Arbitrary File Disclosure
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 === LSE Leading Security Experts GmbH - Security Advisory LSE-2014-05-21 === CheckMK - Arbitrary File Disclosure Vulnerability - -------------------------------------------------- Affected Versions ================= Linux versions of CheckMK equal or...
phpMyRecipes 1.x.x XSS / CSRF / SQL Injection
Product: phpMyRecipes version 1.x.x Vulnerability: Multiple SQL Injection, XSS and CSRF Vulnerabilities Impact: High Authors: Rafay Baloch And Sikandar Ali Company: RHAinfoSEC Website: http://rhainfosec.com Introduction ============ "PhpMyRecipes is a simple application for storing and retrieving...