159 matches found
CVE-2026-25559
OpenBullet2 through version 0.3.2 contains a path traversal vulnerability in the wordlist endpoint that allows authenticated attackers to perform arbitrary file read, write, and delete operations by supplying unsanitized absolute paths to the upload handler and wordlist functions. Attackers can...
CVE-2026-25559
OpenBullet2 through version 0.3.2 contains a path traversal vulnerability in the wordlist endpoint that allows authenticated attackers to perform arbitrary file read, write, and delete operations by supplying unsanitized absolute paths to the upload handler and wordlist functions. Attackers can...
CVE-2026-25559
Technical details are not publicly available in the provided documents. Monitor for updates.
EUVD-2026-35137
OpenBullet2 through version 0.3.2 contains a path traversal vulnerability in the wordlist endpoint that allows authenticated attackers to perform arbitrary file read, write, and delete operations by supplying unsanitized absolute paths to the upload handler and wordlist functions. Attackers can...
CVE-2026-25559
OpenBullet2 through version 0.3.2 contains a path traversal vulnerability in the wordlist endpoint that allows authenticated attackers to perform arbitrary file read, write, and delete operations by supplying unsanitized absolute paths to the upload handler and wordlist functions. Attackers can...
CVE-2026-25559 OpenBullet2 0.3.2 Path Traversal via Wordlist Endpoint
OpenBullet2 through version 0.3.2 contains a path traversal vulnerability in the wordlist endpoint that allows authenticated attackers to perform arbitrary file read, write, and delete operations by supplying unsanitized absolute paths to the upload handler and wordlist functions. Attackers can...
CVE-2026-25559 OpenBullet2 0.3.2 Path Traversal via Wordlist Endpoint
OpenBullet2 through version 0.3.2 contains a path traversal vulnerability in the wordlist endpoint that allows authenticated attackers to perform arbitrary file read, write, and delete operations by supplying unsanitized absolute paths to the upload handler and wordlist functions. Attackers can...
PT-2026-47341
OpenBullet2 through version 0.3.2 contains a path traversal vulnerability in the wordlist endpoint that allows authenticated attackers to perform arbitrary file read, write, and delete operations by supplying unsanitized absolute paths to the upload handler and wordlist functions. Attackers can...
Malicious code in ethers-wordlist (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 94ac365a81e582fce9faa13839220134e640d8ec505179e55e7aa636a324205c Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2026-3720 Malicious code in ethers-wordlist (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 94ac365a81e582fce9faa13839220134e640d8ec505179e55e7aa636a324205c Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Lulzbuster 2.0.0
Lulzbuster is a multithreaded, very fast and smart HTTPS directory and file bruteforcer written in C on top of libcurl. Given a target URL and a wordlist, it enumerates valid paths by firing concurrent HTTP requests and reporting back the responses that look like real hits i.e. status codes the...
DNS Spider Multithreaded Bruteforcer 1.5
DNS Spider is a multi-threaded bruteforcer of subdomains that leverages a wordlist and/or character permutation...
GHSA-68J8-PQ59-FQGM NLTK has a Path Traversal issue
A vulnerability in NLTK versions up to and including 3.9.2 allows arbitrary file read via path traversal in multiple CorpusReader classes, including WordListCorpusReader, TaggedCorpusReader, and BracketParseCorpusReader. These classes fail to properly sanitize or validate file paths, enabling...
CVE-2026-0847
NLTK up to 3.9.2 contains a path traversal vulnerability in CorpusReader classes (WordListCorpusReader, TaggedCorpusReader, BracketParseCorpusReader) that can lead to arbitrary file reads on the server. Root cause is improper sanitization/validation of file paths, enabling access to sensitive fil...
PT-2026-22883
Name of the Vulnerable Software and Affected Versions IDC SFX SeriesSFX2100 SuperFlex Satellite Receiver affected versions not specified Description The /root/anaconda-ks.cfg installation configuration file insecurely stores a hardcoded root password hash. This password is highly susceptible to...
SQL-injection-payloads-bypass-WAF
SQL-injection-payloads-byp...
📄 Soosyze CMS 2.0 Brute Forcer
Soosyze CMS version 2.0 authentication brute forcing tool that leverages an absence of rate limiting on the /user/login endpoint. ============================================================================================================================================= | Title : Soosyze CMS 2.0...
ruby-web-vulnerability-tester
ruby-web-vulnerability-tester 🔎 Ruby Web Application Vulnera...
Exploit for Exposure of Resource to Wrong Sphere in Apache Http_Server
HTTP Request Smuggling Detection Tool This repository contain...
Xss-Wordlist
It is an offensive tool for web application security testing. Th...