Cybercriminals Exploit CrowdStrike Outage Chaos
Two Russians Convicted for Role in LockBit Attacks
Info Stealers Exposed: The Silent Threat Stealing Your Data
UK police arrested a 17-year-old linked to Scattered Spider gang
SocGholish Malware Exploits BOINC Project for Covert Cyberattacks
Under-Resourced Maintainers Pose Risk to Africa's Open Source Push
Cyber insurance 2.0: The systemic changes required for future security
Ad-injecting malware posing as DwAdsafe ad blocker uses Microsoft-signed driver
Cross-industry standards for data provenance in AI
Shuffle Automation: Open-source security automation platform
New Linux Variant of Play Ransomware Targeting VMWare ESXi Systems
Microsoft releases Windows repair tool to remove CrowdStrike driver
Fake CrowdStrike fixes target companies with malware, data wipers
Fake Hot Fix for CrowdStrike "crowdstrike-hotfix.zip" Spreads Remcos RAT
Fake CrowdStrike updates target companies with malware, data wipers
Malware Newsletter - Round 3
newsletter Round 481 by Pierluigi Paganini – INTERNATIONAL EDITION
Beware Grand Theft Auto Fans! Fake GTA VI Beta Download Spreads Malware
Week in review: CrowdStrike update causes widespread IT outage, critical Splunk Enterprise flaw
U.S. CISA adds Adobe Commerce and Magento, SolarWinds Serv-U, and VMware vCenter Server bugs to its Known Exploited Vulnerabilities catalog
UK arrests suspected Scattered Spider hacker linked to MGM attack
Threat actors attempted to capitalize CrowdStrike incident
Microsoft confirms CrowdStrike update also hit Windows 365 PCs
Cybercriminals Exploit CrowdStrike Update Mishap to Distribute Remcos RAT Malware
CrowdStrike discloses new technical details behind outage
Infostealer Infection Results in Data Breach of Blockchain Identity Platform, Fractal ID
Russian nationals plead guilty to participating in the LockBit ransomware group
17-Year-Old Linked to Scattered Spider Cybercrime Syndicate Arrested in U.K.
Researchers find 'Port Shadow' flaws in VPN platforms
MediSecure data breach impacted 12.9 million individuals
CrowdStrike update causes global outages: Analysis
Seven tips that offer short-term and long-term fixes following the CrowdStrike outage
MarineMax Notifies Over 123,000 Of Data Breach | Daily Security Review
MediSecure: Ransomware gang stole data of 12.9 million people
Update: Worldwide IT outage due to buggy Crowdstrike update
Buggy CrowdStrike EDR Update Crashes Windows Systems Worldwide
What the Crowdstrike update outage means for cybersecurity
CrowdStrike Update Causes Havoc, Grounding Flights and Disrupting Businesses
Top Tech Agree to Standardize AI Security
Sunburst: US Judge Dismisses Most SEC Charges Against SolarWinds
Security pros brace for manual system-by-system fix to CrowdStrike outage
CrowdStrike update epic fail crashed Windows systems worldwide
CISA Publishes Resiliency Playbook for Critical Infrastructure
Coast Guard Shortcomings Hinder US Maritime Security
In Cybersecurity, Mitigating Human Risk Goes Far Beyond Training
China's APT41 Targets Global Logistics, Utilities Companies
Chinese Hacker Gang GhostEmperor Re-Emerges After Two Years
Faulty CrowdStrike Update Crashes Windows Systems, Impacting Businesses Worldwide
Ransomware Has Outsized Impact on Gas, Energy & Utility Firms
US data breach victimization spikes
Asia, Europe targeted by new APT41 attacks
Hundreds of thousands of domains registered for Revolver Rabbit infostealer campaigns
Microsoft-signed driver leveraged by HotPage adware
Most of SolarWinds hacking suit filed by SEC dismissed
Two Russian Nationals Plead Guilty in LockBit Ransomware Attacks
CSA Updates Cloud Security Knowledge Certificate, Training
CrowdStrike update crashes Windows systems, causes outages worldwide
Three ways to thwart non-human identity attacks
Safeguard Personal and Corporate Identities with Identity Intelligence
API Threat Landscape
Vulnerability in Cisco Smart Software Manager lets attackers change any user password | Ars Technica
CrowdStrike: 'Significant number' of impacted devices back online
'Blue screen of death': Microsoft users hit by huge outage
A Comprehensive Guide to Autonomous Website Security Audits - Supplement Research & Comparison | Pillser
Tech outage: 8.5M computers running Windows affected by CrowdStrike issue | AP News
Flights, banks and media hit as internet users report global outages | AP News
Global IT outage live updates: Microsoft-CrowdStrike blackout
How the world’s tech crashed all at once | CNN Business
Trusted Platform Module (TPM)
UK Detains Alleged Scattered Spider Hacker Tied to MGM Cyber Attack - The Old Herald
I Created a Burp Suite Extension from SCRATCH - YouTube
Influence – The psychology of Persuasion – The Read Mind
LAPD warns residents after spike in burglaries using Wi-Fi jammers that disable security cameras, smart doorbells | Tom's Hardware
West 917 (Black Belt 2) Picked and Gutted - YouTube
India's TOP HACKER opens up - BIGGEST Cyber Crimes, Cyber Warfare and Hacking Stories REVEALED - YouTube
Google Uncovers Global APT41 Chinese Hackers Cyberespionage Campaign | Cyber Insider
Infostealer Infection Results in Data Breach of Blockchain Identity Platform, Fractal ID | InfoStealers
Project 2025 Suffers Online 'Hack' - Newsweek
ABUS-C83 with the "old pinning" picked and gutted (pt 5 in the ABUS door lock expedition) [287] - YouTube
Inside The Outages: A Dangerous Null Pointer Exception Deployed On Friday | by Jan Kammerath | Jul, 2024 | Medium
GRC in Cybersecurity - Beginner's Guide | IT Certifications | Standards & Frameworks | Homelab Ideas - YouTube
17-Year-Old Arrested for Last Year's Ransomware Attack on MGM Resorts
The Rich Are Pushing Right-Wing Tax Education in Schools
923. SPP Euro Cylinder locks with Snake Rake. Why is the cam not turning on thumb turn euro cylinder - YouTube
Navigating the RDP security consequences of TLS vs. NLA from a threat exposure perspective - GoSecure
17-Year-Old Arrested for Last Year's Ransomware Attack on MGM Resorts | PCMag
Trump shooter used Android phone from Samsung; cracked by Cellebrite in 40 minutes - 9to5Mac
A furry hacktivist group has breached Disney, leaked 1.1TiB of data, and says it's because Club Penguin shut down | PC Gamer
A Windows version from 1992 is saving Southwest’s butt right now
Exploiting DLL Hijacking with Rust & Golang: Step-by-Step Guide - YouTube
Olympics: Global cyber outage hits deliveries, accreditation - ESPN
District of New Jersey | Two Foreign Nationals Plead Guilty to Participation in LockBit Ransomware Group | United States Department of Justice
I survived CrowdStrike Gate - 20240719 | Cyber Swag Apparel
FL_security
The Microservice That Manage all About User Security In the ZStrong Application
Security, Logging and Maintenance of the Simulation Materials API and a Minimal Frontend Application.
Script Changes the UPN to match the User's email address and adds user to a security group
Implement security best practices with this set of tools and libraries.
Proof of concept for a Server-sent event proxy server
Bypass-403-Matrix is a powerful tool for security professionals and ethical hackers, designed to bypass 403 Forbidden errors on web servers. With innovative methods, it attempts to access restricted files and directories, enhancing your penetration testin
security-wp
JWT security in Spring Boot (Access & Refresh Token)
java-security
Group 23 came forward and developed a webpage of a portfolio
The concept of "leftshift" in DevSecOps emphasizes integrating security early (shift-left) in the development lifecycle. This model focuses on embedding security practices from the very beginning of the development process.
solidity_security
Backend service written in golang to handle form information from frontend and send it via mail to clients using plain/text as well as html/template. Extremely secure with a 2 phase authentication and TLS security.
QuickRide is a cutting-edge taxi booking application that combines reliability and security with the convenience of discovering tourist spots in your city. It ensures timely and dependable transportation through professional drivers and incorporates advan
Ensure that you do not run these scripts on public Wi-Fi networks due to potential security risks. Public networks are more susceptible to attacks, and using them can expose your system to vulnerabilities. If necessary, use VPN services to mask your IP ad
Post-marketing Assessment of Antibody-Drug Conjugates: Proof-of-concept using Trastuzumab-Drug Conjugates, Model-Based Meta-Analysis, and a Clinical Utility Index Approach.
spring-security-lab
A simple Java application that checks code files for security vulnerabilities and provide reviews/recommendations based on the analysis.
Bunni is a premier Roblox exploiting platform, renowned for its cutting-edge tools, rapid updates, and robust support. Developed by experienced professionals, it ensures maximum efficiency, security, and a seamless user experience with features like HWID
Proof of concept of CRUD application with Agents (Langchain, Qdrant, FAST API, Pedantic, React, Tailwind, Whisper)
A free and open-source utility modification for PixelGun3D featuring AimBot, ESP, Infinite Ammo, Rapid Fire, and more. Created for educational and security research purposes, this software includes various enhancements and cheats for the game. Always avai
Spring Boot 3 Security | Authentication and Authorization
Albion Ultimate Hack 2024
spring-security-users
Diablo 4 Ultimate Hack 2024
lios hack andlua menu source based on chinese esp and memory tools 1.0 with full written gui
Door-Locker-Security-System
Crossout Ultimate Hack 2024
rust-no-recoil-hack
anvesana hackathon (hack for hire)
hacking
Hacking
SpringSecurity
The motivation of this project is to design a Hospital System Network and meet all the requirements of infrastructure. All the departments will be on a separate network segment and Access Control Lists and Virtual Private Network (VPN) is also implemented
Using virtual k8s clusters to build a "multi-verse" of disposable environments for offensive security
springSecurity
Best trainer in the world, can be used in any game, made in C++, the fastest programming language for game hacking
Exploring different portfolio optimization methods on a control set of securities
A quick demo for the AI Hackathon. Provide a file to be reviewed for security issues.
This is an internal penetration testing report on a home lab Active Directory environment setup. Attack scenarios in this report try to replicate the events from an actual organizational Active Directory environment; the attacker/pentester is connected to the
Security-Chrome-Extension
An article on the security scenario of modern cars
Web-Security
My own created web hacking scripts.
dot files for security research
Proof of concepts for various experiments
A proof of concept video player for comfyUI
To automate the process of calculating client security holdings within ACME Systems Inc.'s Finance and Accounting department
Proof of concept
security_cw_project
security
spring-security
rqlite proof of concept
hack insta
This is a capstone level project that aims to recognize objects with OpenCV with Python
Free-CyberSecurity-Books
security-vulnerability-news
Wifi-hacking-rtl8723bu
A quick implementation of signalR real time chat for proof of concept
This is an arduino UNO sketch.
Demonstrates how to use Terraform to create a basic AWS infrastructure, including a VPC, Subnet, Internet Gateway, Route Table, Security Group, Network ACL, and an EC2 instance
a proof of concept for CVE-2019-5784
Precursor-to-Security-Operations
The Bank Statement Aggregator project automates the collection, storage, and retrieval of bank statements from multiple branches of different banks. It provides users with a secure and efficient way to manage their financial records, utilizing Java, Sprin
Hello! I’m Sourav Kaushik, a dedicated and enthusiastic student currently pursuing a Bachelor of Computer Applications (BCA). With a strong foundation in computer science, I have also earned my certification as an Ethical Hacker (CEH) and developed a pass
Explore Istio Security Features on the Google Cloud
school-security-system-using-rfid-Website
FFH4X Injector - MOD Menu for Free Fire with amazing features. Players can enjoy a variety of amazing features when using the Windows Ffh4x Menu. This injector provides numerous paid hacks for free, and it is used by many users all over the world to custo
A Proof of Concept (PoC) for decentralized logging using Rust. This project demonstrates how to set up a logging client and server to handle distributed log data collection and aggregation.
Explore Cloud Service Mesh Security Features on the Google Cloud
This project demonstrates the deployment and hosting of a dynamic website on AWS, utilizing various services and components to ensure high availability, scalability, security, and fault tolerance.
Computer-Security-Capstone
kubernetes-security-observability_workshop
Hacking
Proof of Concept for DL/ML
Proof of concept/learning for deploying a streamlit application using Traefik and Docker
Pressle Coin Elephant is an innovative dApp platform that allows users to connect their wallets and easily purchase Pressle coins. With high-security features and a user-friendly interface, we offer a new way to invest and participate in the rapidly growi
A Python script to audit PHP.ini configurations for security best practices
hack_python_1
Effortlessly share files with lightning-fast speed and top-notch security. Our intuitive interface makes file sharing seamless, whether you're sending documents, images, or videos. Stay connected and efficient with our cutting-edge file-sharing solution.
Ultimate Tic Tac Toe for Hack Club's Sprig
ticketing-project-security
This repository contains a simulation of a security architecture for satellite communication systems. The simulation includes RSA encryption, Quantum Key Distribution (QKD), Multi-Factor Authentication (MFA), threat detection, and incident response mechan
Support Row Level Security with Prisma
Nihon is a leading Roblox exploit founded in 2020, known for its intuitive user interface, robust features, and exceptional performance. Developed by top industry professionals, it offers enhanced security, customization options, and a globally trusted se
spring_security_tests
This repository is dedicated to providing you with valuable tips, best practices, and resources to help you maximize the security features of GitHub Copilot.
Carbon Executor is a state-of-the-art Roblox exploit that offers unmatched performance and security, boasting 90% UNC support and Level 8 execution capabilities. Compatible with Windows 7 through 11, it empowers users to unlock the full potential of Roblo
A Python keylogger designed to capture keyboard input for assessing security and performance within controlled environments. This tool is intended for non-malicious use only.
build simple communication between game hacks(for example)
A Python implementation of Arknights pull history tracker as a proof of concept utilizing minimal OpenCV2.
Brainwave Matrix Solution Cyber Security and Ethical Hacking Internship Task 02
This repository offers a powerful set of tools for Jyrk Crash Casino. Inside, you'll find hack scripts, cheat strategies, and advanced Predictor Bots to enhance your gameplay. Use these tools to predict outcomes, strategize effectively, and maximize your
This repository provides a collection of tools for Lynz Blast Casino. It includes hack scripts, cheat strategies, and advanced Predictor Bots designed to give you an edge. Enhance your gameplay, predict outcomes, and maximize your winnings with these powe
A proof-of-concept FastAPI-based service for sending emails via SMTP. Supports plain text and HTML emails, with or without attachments. Includes validation, error handling and Swagger UI documentation. Ideal for educational purposes and demonstrations.
Developed a personal memory keeper app for Android users using Kotlin and XML for UI layouts. Utilized SQLite for robust local data storage, ensuring data persistence and security. Enhanced user engagement by providing a private platform to capture and re
This repository offers a robust set of tools for Plinko. Inside, you'll find hack scripts, cheat strategies, and advanced Predictor Bots to give you an edge in the casino. Enhance your gameplay, predict outcomes, and maximize your winnings. For educationa
1:1 CrowdStrike Security Patch for Windows System that caused BSOD
HackingNotes
SocialSecurityCRUD
Starter project for Vaadin Flow using Gradle and Spring Security
SDES implementation using c++, with the guidance of Cryptography and Network Security, Fifth Edition William Stallings.
Decentralized AI-Powered IoT Security System for the Pi Network
Repository containing information for relating to the Windows Security Cookie used in a Vulnerable Chat server VChat that is based on Vulnserver.
L
ProofOfConcept
This repository demonstrates how a Proof of Concept of the applications demonstrated in Lukas Neuenschwander's master's thesis "Intrusion Detecion in Kubernetes - a study of tools and techniques" can be installed on an x86-based Ubuntu Linux server that c
Security-Source-Code
SpringSecurityRegistrationAndLoginSystem
This repository provides a complete toolkit for Keno. Inside, you'll find hack scripts, cheat strategies, advanced Predictor Bots, and profit detectors to enhance your casino gameplay. Use these tools to predict outcomes, detect profitable opportunities,
In the backend, separate APIs handle vendor and user logins using Node.js and Express. Registered users and vendors are validated for access. Data is stored in JSON files, leveraging hashing and salting for login security, and JWT tokens for session manag
This repository provides a powerful collection of tools for Roulette. You'll find hack scripts, cheat strategies, and advanced Predictor Bots to give you an edge in casino games. Enhance your gameplay, predict outcomes, and maximize your winnings. For edu
AI-Security-System
Made as a part of the 100 days of SwiftUI tutorial from Hacking with Swift
PhD-CyberSecurity-ResearchLab_nw
mini project practice spring security
This repository features the Wavix OTP Bot, designed for handling one-time passwords across Telegram, PayPal, and WhatsApp. It provides tools for verification bypass and streamlining OTP management in these platforms.
A simple Terraform configuration to set up basic AWS infrastructure. This repository contains Terraform configuration files to deploy a simple AWS infrastructure setup, including a VPC, subnet, internet gateway, route table, security group, EC2 instance
Security-study
Effects of Vertical & Horizontal Integration on Food Security
security
Hacking with Swift: 100 Days of SwiftUI
ABOUT SFTPROJECT This SFTPROJECT token was created to help programmers sell their work without using physical currency or more complex security, such as selling software without the slightest privacy issues.
STEMist Hacks III 20-21/07/2024
This project is a comprehensive banking system designed to handle various banking operations including account management, transactions, and customer services. The system is built with a focus on security, scalability, and user-friendliness.
This repository offers the Zylo OTP Bot, designed to bypass SMS verifications for various services, including banking. It provides tools to manage and streamline OTP processes, ensuring efficient and secure verifications.
Builds off a simple server implementation in C. I want to create a robust HTTP server, keeping security in mind.
The SY0-701 Real Questions 2024 is a valuable resource for anyone who wants to pass the CompTIA Security+ certification exam. The Study Guide is comprehensive and up-to-date, and it provides a realistic testing environment. https://www.dumpsspot.com/compt
This repository is a collection of Proof of Concept (POC) projects and serves as a sandbox for experimentation, learning, and demonstrating technical proficiency across various programming languages and tools.
CyberSecurity-Research-Lab
All Writeups of CTF Challenges
This repository offers a robust collection of tools for Dragon Tower. Inside, you'll find hack scripts, cheat strategies, and advanced Predictor Bots to give you an edge in the casino. Enhance your gameplay, predict outcomes, and maximize your winnings. F
The backend system will be responsible for managing users, hotels, rooms, bookings, and related functionalities. It will ensure data integrity, security, and efficient performance.
This repository provides an edited and packed version of KeyAuth for enhanced security and customization. The Qanta KeyAuth version includes modifications to streamline authentication processes and improve protection for your applications.
security_backend
This repository features the Qubix OTP Bot, designed to handle one-time password verifications for banking, PayPal, and 2FA systems. It provides tools for bypassing OTP processes, ensuring streamlined and efficient verifications.
This is the flutter application repository for SmartKrishi which we developed for Hack To The Future 2024 for the Open Innovation Track.
ethical hacking project submission
A tool for scanning IoT devices for security vulnerabilities and providing detailed reports and recommendations.
Monitor AWS Security Service using EventRule and Lambda.
Hackingly_DSA
HardwareinSecurity.github.io
FirebaseAuth is a Rails engine that provides seamless integration with Firebase Authentication for Rails applications. It leverages Firebase's powerful and secure authentication services, allowing you to quickly implement user authentication without compr
This repository provides a comprehensive guide to implementing two-factor authentication (2FA) for Exodus. Enhance your account security with robust 2FA methods to protect against unauthorized access and safeguard your assets.
Repository for general projects and proof of concepts
The Smart Garage System enhances convenience and security with key features: an LCD showing the number of cars and garage status (Available/Busy), an automated arm gate controlled by a servo motor, automatic lighting that activates at night and deactivate
The Roblox Scriptify Executor is a robust tool designed for seamless script execution in Roblox. It features an efficient injector and DLL mapping for smooth integration, along with a whitelisting system for enhanced security. The executor boasts a user-f
This repository offers a complete toolkit for the Sugar Rush slot game. Inside, you'll find hack scripts, cheat strategies, and features to increase your profits and unlock free spins. Enhance your gameplay and maximize your winnings. For educational purpo
A proof of concept and testing of HLS and adaptive bitrate streaming for Project Gacha.
Spring-Security
In this repository we will be making tools based on the hacking phases, which could help us with recon, password cracking, image encryption, etc.
This repository provides a comprehensive set of tools for EtherCrash.io. It includes hack scripts, cheat strategies, and advanced Predictor Bots designed to give you an edge in casino gameplay. Use these tools to predict outcomes, enhance your strategies,
This repository offers a powerful toolkit for Blix Gates of Olympus slot game. Inside, you'll find hack scripts, cheat strategies, and features to unlock free spins and maximize your profits. Enhance your gameplay and increase your winnings. For education
This repository provides a comprehensive toolkit for Mines. It includes hack scripts, cheat strategies, and advanced Predictor Bots to enhance your gameplay. Use these tools to predict outcomes, detect profitable opportunities, and maximize your winnings.
A proof of concept concerning the automatic update of FreeBSD loaders
A web browser app is essential for accessing and navigating the internet, allowing users to view web pages, multimedia content, and interact with online services. It provides a graphical interface for easy navigation and features such as tabbed browsing,
My proof of concept for a Local Privilege Escalation via msiexec in ZScaler Client Connector 3.7.2.18
A proof-of-concept for tx/rx using spoofed source IP address. Implements ipcrypt to encrypt original source IP addresses.
This repository provides a comprehensive toolkit for FYM Dice. It includes hack scripts, cheat strategies, and advanced Predictor Bots to enhance your casino gameplay. Use these tools to predict outcomes, optimize your strategies, and maximize your winnin
Proof of concept to implement Payment Gateway implementation using Angular and Nodejs
Proof of concept Solana web app
This repository offers a comprehensive collection of powerful tools for Kov-Twist Casino games, designed to give you a significant edge. Inside, you'll find advanced hack scripts, detailed cheat strategies, and sophisticated Predictor Bots to enhance your
Gets the best News of Hackers
Hackers code
Security-of-Systems-and-Services
Welcome to ESET NOD32 Antivirus, a leading security solution designed to protect your devices from a wide range of online threats. With its advanced technology and user-friendly interface, ESET NOD32 provides comprehensive protection against viruses,
A sentinel for monitoring blockchain security and activity
spring-security
online-hackings
This is Journal App made on Java via Spring Boot, Spring Data and Spring Security. The backend database is on MongoDB and the security is ensured via JWT authentication
ecommerce backend with spring boot, db, mercado pago, and security
Takes an Email-Address (or any other string) and serves it via traefic under /security.txt
A Fully Functional Cloud Security Information and Event Management (SIEM) Software Built with Micro-Service Architecture with Various Standalone Components Designed and Implemented for Flexibility and Robustness
Security support library
spring-la-mia-pizzeria-security
Android-Security-Exploits-YouTube-Curriculum
The Knight Hacks Discord Bot
A simple proof of concept implementation of a Blockchain
A tool for Grey Hack that will automate missions for you
Proof of concept for plotly as a method to streamline OCR geometry specification
Welcome to the vibrant world of Root me Daily Problem of the Day solutions! Code written while solving challenges and CTFs on root-me. Root Me is a platform for everyone to test and improve knowledge in computer security, hacking and CTFs.
This contains details of the previous bonus task and the current task.
Lenovo Tab M8 hacking notes
Solara Executor is a powerful, efficient, and versatile tool that brings a new level of sophistication to Windows exploitation. Whether you're a hobbyist, a security researcher, or a professional pentester, Solara Executor provides the features you need t
Termux-AllHackingTools
spring_security
Working with JWTs in Spring Boot bruvv
Smart-Home-Security-Security
A proof-of-concept Godot addon to improve the runtime debugging experience
We've made some exciting updates to the Netflix login page to enhance your user experience and improve security. Here are the new changes
This project is a proof of concept (POC) aimed at discovering and analyzing trending topics in Amazon customer reviews for health and personal care products.
solution for End-of-file problem from Hacker Rank
EndpointSecurity
security-deploy
UI Proof Of Concept of Finance Tracking application
This repository holds the information about the 30 days DSA challenge by Hackingly
A proof of concept for building Tensorflow with C++.
The Password Generator project aimed to create a secure and user-friendly application using React. The primary objective was to enable users to generate strong, random passwords with customizable options to enhance their online security.
A hack of Orange Islands by Kalarie with additional content.
SpringBoot_05_Security
Trying out two-step authentication
Welcome to the Simple Python Project For CyberSecurity repository! This collection of scripts is designed to help beginners and enthusiasts learn and explore various cybersecurity concepts through practical Python projects.
ZoneAlarm-Extreme-Security-15.8.224-Crack
azure-security-cicd-challenge
Solutions to some basic problems from the information security course
security-challenge
Some experiments and proof of concepts on Retrieval Augmented Generation (RAG)
IronCladSecurityServices
Simple proof-of-concept with counter contract.
Avast-Internet-Security-24.1.6099-Crack
Anti spoofing proof of concept
A step-by-step beginner's booklet on ethical hacking with Kali: how to get started in the world of ethical hacking and red teaming.
The XSSInpector Security AI ML is a comprehensive tool designed to detect Reflected, Stored, Blind (XSS) vulnerabilities in server/apps at RFC design, forms, crawls & advanced AI techniques, including deep learning, natural language processing (NLP), rein
Repository for the AI-Driven Platform Product Specification - Proof of Concept
Landing page proof of concept
Client that allows us to search, from a Linux console, for particular machines available in the "Hack The Box" platform. Practice from S4vitar course "Introduction to Linux"
Repository for AI-Driven Platform Product Specification - Proof of Concept (Alternative)
Proof of concept Land Index System
Repository for the AI-Driven Platform Product Specification Proof of Concept
Proof of concept Discord bot for publishing Infernal rulings to an external source
A (WIP) API that uses military-grade encryption by implementing Perfect Forward Secrecy (PFS) and AES-256 with ephemeral session keys.
Proof of Concept for an AI-driven platform to streamline project management by automating task creation, project monitoring, and requirement capturing.
Ethical Hacking Notes
spring-security
Large pool of CTF style cyber security challenges
naflan-cyber-security
a backend authentication demo using springboot, spring security, postgres and jwt
Spring Boot 3: Learn Spring 6, Spring Core, Spring REST, Spring MVC, Spring Security, Thymeleaf, JPA, Hibernate, MySQL
tsunami-security-scanner_iac_and_monitoring
Ethical-Hacking-Notes
Benchmark circuits used to gauge security in Edwards, et. al. "Physically Secure Logic Locking with Nanomagnet Logic" IEEE TCAD (2024)
uds_security_app
Examples developed in week 08 of module 02 on Spring MVC, CRUD REST API and Spring Security
This repository contains various projects and examples to help understand and master Spring Boot. It covers essential topics, including dependency injection, RESTful web services, data persistence with JPA, and security configurations.
An API that allows users to post song recommendations. Each recommendation can include an associated image and is protected by an authentication system to ensure data security and privacy.
security
Board-Concurrent-With-Security-Whit-Token-Test
An automated solution using AWS CDK and TypeScript to streamline IAM user creation and management. This script sets up users, assigns them to groups, attaches policies, tags users, and enforces MFA for enhanced security.
Proof of concept implementing multi-speaker recording transcription summarization
security oauth2 jwt, for study
Application-Security-Interview-Notes
Spring Boot | MySQL | Spring Security
Network-Security-and-Analysis-Collection
About This is a comprehensive User Management system using the MERN stack (MongoDB, Express.js, React.js, Node.js). Features include full CRUD operations, a user-friendly interface, and the latest security and performance enhancements for a robust and eff
SecurityTools
This repository is for writing up my notes and exercises for the Google Cybersecurity professional course
Hack language assembler from nand2tetris to translate 16-bit binary code to machine code.
🔒Spring Security DeepDive
Management of security advisory information for disclosed vulnerabilities in Samsung Electronics open source
Project for putting Spring Security with JWT into practice
Board-Concurrent-With-Security-Whit-Token
securityx17.github.io
Step-by-step guide to setting up a low-overhead VPS server, focusing on security and efficiency
spring_security_basic
Hacker News clone made with Hono
MedLock is an innovative blockchain-based project designed to give patients complete control over their healthcare data. Using Solidity smart contracts, it securely stores patient information on the Ethereum blockchain, ensuring data privacy and secu
The Shopping Cart is a comprehensive e-commerce platform designed to offer a seamless and secure shopping experience. It integrates high-security features, product management, user management, and online payment solutions, catering to both end-users and a
This project is a web-based application designed to recognize and assess suspicious and phishing links. By leveraging a comprehensive dataset with rating data, the website provides a reliable evaluation of potentially harmful URLs. The application aims to
SpringSecurity
Obsidian-Hacking-Notes
Task Management Service with streamlined task handling, user authentication, and role-based access control. Developed using Spring Boot, Spring Security, JWT, and REST API. 📝🔒
practice project pos with security
Pairs Trading Model for Various Security Types
Configuration and Docker files for the Sentinel security server
COURSE Spring Boot Expert: JPA, RESTFul API, Security, JWT and more
Hack On Blocks submission
Solidity_Security_Auditing_Handbook
Proof of Concept with LLMs using Indirect Prompt Injection
PP_3_1_5_Spring_JPA-MVC-Boot-Security_Bootstrap_REST_draft
Successor to the classic XP-AntiSpy
I4H is a course/ebook to learn hacking, with dozens of powerful and diverse tools. This is the second edition of the course.
An API based on the 1995 movie Hackers. Get information on characters, organizations, quotes, and more.
Proof of concept deploying cloud ready images on metal via USB Stick, CD Drive or PXE Boot
This is a web application through which people can easily vote in online mode from their home without compromising with data security.
Armagedon is a Python-based keylogger tool designed to capture keystrokes and send them to a remote server at regular intervals. This tool is intended for ethical hacking and educational purposes only. Misuse of this tool for illegal activities is strictl
Examples in the ASP.NET API 8 for applying some security concepts
School-security-system-using-rfid
SkailarCheats is a GitHub repository offering game cheats and hacks. It features a variety of tools and scripts designed to enhance gaming experiences by providing competitive advantages. The repository includes a user-friendly interface, secure transacti
Computer-security
A proof of concept about programming a method of hot swapping what controls are used in a mech
spring-security
HACKING-MD-
Cold Compress is a hackable, lightweight, and open-source toolkit for creating and benchmarking cache compression methods built on top of GPT-Fast, a simple, PyTorch-native generation codebase.
Cyber-security-
Notebook is a simple text editor built using the MERN stack (MongoDB, Express, React, Node.js). It allows users to store text data and files online securely. The app also features user authentication to ensure data privacy and security.
CDK app that makes use of Checkmarx's KICS Validator plugin for checking the security of a S3 bucket
Elevate your WordPress security with powered AI technology and stay protected 24/7. Easy setup, real-time defensing with Wp Safe Zone
my hacking scripts
Kubernetes Proof of Concept
This repository contains code for detecting credit card fraud, a critical task in financial security. It includes data preprocessing, model training, evaluation, and deployment resources tailored for fraud detection. By identifying fraudulent transactions
A program created specifically for hackers and OSINT researchers based on Python.
Study compilation serving as a free public library that aims to raise awareness and assist students in learning about IT, from programming to information security and computer forensics.
Discord bot, made for security of servers.
Welcome to the Cloud Security Toolkit repository, your all-in-one destination for cutting-edge cloud security resources! Whether you're diving into offensive strategies, mastering threat hunting, or bolstering your blue-team defenses, this repo has you co
Top down shooter proof of concept
A portfolio repository for Egis Security's past audits
SecureAuth is an authentication platform designed to implement Two-Factor Authentication (2FA) using email. It provides an authentication mechanism that enhances security by requiring users to verify their identity through a code sent to their email and also
The application employs deep learning and machine learning with Scapy, TensorFlow, and Scikit-learn to classify network packets in real-time. Users can set packet sniffing timeout, with results displayed in a Tkinter GUI. It enhances network security by s
Security-System
The resource aggregation layer Proof of Concept code
proof of concept of the covenant-less Ark implementation written in Rust
NoPixel 4.0 hacks practice
An I2P based OS made for security
LoggableActivity is a Ruby gem for Rails applications that records user activities and protects sensitive data.
Hacker Rank Problems solved in GoLang :)
A proof of concept importless way to modify Il2Cpp Unity games.
Extra utilities for use with portable-hack-ast
Hacking ChatGPT, or just a use case to play for a while (yoquGPT / w2uGPT / iwuGPT)
A proof of concept for combing Interact.js and PDF.js to create a manipulatable media viewer.
Hackbook Of A Hacker
PogSetup is simply a summarized list of configurations I have set for my computer (development/security)
An implementation of Messaging Layer Security (RFC 9420)
Göktürk Hack Team Tool
proof_of_concept
Web app managing flights - techs: Spring (Boot, Security, Data JPA, Mail), Hibernate, SQL, Thymeleaf
afrog-pocs is the official PoCs (Proof of Concepts) library for the afrog vulnerability detection tool.
WebSecurity
linguisize_proof_of_concept
– Tools & technologies used: Next.js, React.js, MongoDB, TailwindCSS – Authenticated user through OAuth sign-in, to increase the security of user data. – Developed social sign in, tweeting, likes/hearts, comments/replies, profile edits, drag and drop ima
general scripting repository for quick hacks in Rhino using Python
CodeScan: A Bash script for identifying potential security vulnerabilities in source code. Scan and find common patterns associated with risks like remote code execution. Get a detailed report on potential issues. Enhance your code security.
Malware Development for Ethical Hackers, published by Packt
Security "x-ray" for ENS names
AWS Security Cookbook - Second Edition, published by Packt
Nutek Security Platform for macOS and Linux operating systems
A JWT authentication project with Spring Boot Security
valorant fortnite offsets csgo hack exploit free
spark hacks hackathon
Supercharge your network privacy and security with DNS blocklists from The Firebog • Daily updates shield you from ads, trackers, malware, crypto, adult content, spam and more • Works with DNS applications, hosts files, and adblock browser extensions for
Proof of concept implementation of the IC HTTP Gateway Protocol that enables end-to-end secure connections with dApps being served from the internet computer.
Here, discover all about what I am learning and what I did to progress, and get helpful resources
Proactive, Open source API security → API discovery, Testing in CI/CD, Test Library with 150+ Tests, Add custom tests, Sensitive data exposure
Small game project built on top of Rust, Bevy and a hacked-up fantasy console
Encryption's Builder Studio - Security Systems
GitHub Advanced Security Policy as Code
Transparent WPS attack with rogue AP
A collection of proof-of-concept exploit scripts written by the team at Redway Security for various CVEs.
Open Geoservice scraper proof of concept to extract info of each dataset contained in an OGC compliant Geoservice
Webchat with strong security options & WebRTC support
SC-200T00-Microsoft-Security-Operations-Analyst
Unlock new level of security with BitMono. Advanced code obfuscation that protects your intellectual property like never before. Try now!
Documentation source and development of the PSA Certified API
MetaFrm.Security.SHA512
RESTful API built with Node.js and Express, featuring authentication, MongoDB integration, and full CRUD operations. It includes robust security and validation measures for secure data handling.
spring-security-core
OpenFGA SDK for Python 3 - https://pypi.org/project/openfga-sdk/
sammcj
A proof of concept full-stack website using Rust and TypeScript
Visual Studio Code extension that allows you to perform a web search for the selected text using your favorite search engines (add as many as you like, editable in extension settings). I wrote this as a proof-of-concept idea when teaching myself TypeScrip
Smart contract audits are necessary for ensuring that smart contracts are free of any security issues.
Webauthn/FIDO2 library in golang
about hacks
Trusted Data Format (TDF) is an Open, Interoperable, JSON encoded data format for implementing Data Centric Security for objects (such as files or emails) in zero-trust security world. This repository specifies the protocols and schemas required for TDF o
Tech Hacks: Android, Linux, Developer
Nova Wallet Android is a next gen application for Polkadot & Kusama ecosystem, transparent & community-oriented, focused on convenient UX/UI, fast performance & security.
The regolibrary package contains the controls Kubescape uses for detecting misconfigurations in Kubernetes manifests.
aws-modernization-with-snyk-container-security
Preventative home and business security system
Pākiki is an intercepting proxy designed to help penetration testers find security vulnerabilities in web or mobile applications. This repository contains the core.
Common Security Advisory Framework (CSAF) Verification, Validation, and Application Programming Interface (API).
1st Place Winner at Super Hacks 2021
Collection of 7 Days to Die bots, scripts and hacks
Security-oriented Arch Linux installation script. Key features such as Secure Boot, disk encryption with LUKS + TPM 2.0, encrypted home directories, and a stateful firewall.
Tanker client-side encryption SDK for Rust
A free, custom, open source hacked client for Minecraft 1.21 using Fabric
Cross-platform command-line password manager with sessions
Hacker News weekly top 10 posts
🌿 It's Hacker News in your terminal
Manage and access your Kali Linux or Parrot Security VM from the terminal (SSH support + file sharing, especially convenient during CTFs, Hack The Box, etc.)
SSH-keys, password lists, everything a hacker wants! Unfortunately, encrypted. And no, not with AES alone! Sorry NSA.
Cloudsplaining is an AWS IAM Security Assessment tool that identifies violations of least privilege and generates a risk-prioritized report.
proof of concept for gyroveraging transform precomputation
This repository has code and circuit plans to hack a 1995 Pay Phone. (WIP)
The tool consists of 1- ddos section 2- wifi hack section 3- distribution and setup and install from two different apps
Content and resources from the FormationVidéo channel (YouTube)
A simple tool to ban SSH invalid user for all machine accesses
Ansible role for installing WireGuard VPN. Supports Ubuntu, Debian, Archlinux, Fedora and CentOS.
Authentication and Authorization with Azure AD
Alloy is a language for describing structures and a tool for exploring them. It has been used in a wide range of applications from finding holes in security mechanisms to designing telephone switching networks. This repository contains the code for the to
Integrations, examples, and proof-of-concepts that are not part of OPA proper.
Amazon Dash Button hack in Docker for Synology
Cloud native networking and network security
Go security checker
JSON Web Tokens for PHP
Proof of Concept CommCare HQ OpenHIE integration app
A Tox-based instant messaging and video chat client
Jameica is an Application-Platform written in Java containing a SWT-UI. It provides different services (GUI-Toolkit, Logging, Security, Backup, Lifecycle-Management, Message-Bus) to the installed plugins. It's a kind of runtime environment similar to OSGi
Open source security data pipelines.
CVE-2024-6962 -- A vulnerability classified as critical was found in Tenda O3 1.0.0.10. This vulnerability affects the function formQosSet. The manipulation of the argument remark/ipRange/upSpeed/downSpeed/enable leads to stack-based buffer overflow. The attack can be ini
CVE-2024-6963 -- A vulnerability, which was classified as critical, has been found in Tenda O3 1.0.0.10. This issue affects the function formexeCommand. The manipulation of the argument cmdinput leads to stack-based buffer overflow. The attack may be initiated remotely. T
CVE-2024-6964 -- A vulnerability, which was classified as critical, was found in Tenda O3 1.0.0.10. Affected is the function fromDhcpSetSer. The manipulation of the argument dhcpEn/startIP/endIP/preDNS/altDNS/mask/gateway leads to stack-based buffer overflow. It is possib
CVE-2024-6965 -- A vulnerability has been found in Tenda O3 1.0.0.10 and classified as critical. Affected by this vulnerability is the function fromVirtualSet. The manipulation of the argument ip/localPort/publicPort/app leads to stack-based buffer overflow. The attack ca
CVE-2024-6966 -- A vulnerability was found in itsourcecode Online Blood Bank Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file login.php of the component Login. The manipulation of the argument user/pass lea
CVE-2024-6967 -- A vulnerability was found in SourceCodester Employee and Visitor Gate Pass Logging System 1.0. It has been classified as critical. This affects an unknown part of the file /employee_gatepass/admin/?page=employee/manage_employee. The manipulation of the ar
CVE-2024-6968 -- A vulnerability was found in SourceCodester Clinics Patient Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /print_patients_visits.php. The manipulation of the argument from/to leads to sql inje
CVE-2024-6969 -- A vulnerability was found in SourceCodester Clinics Patient Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /ajax/get_patient_history.php. The manipulation of the argument patient_id leads to sq
CVE-2024-6970 -- A vulnerability classified as critical has been found in itsourcecode Tailoring Management System 1.0. Affected is an unknown function of the file /staffcatadd.php. The manipulation of the argument title leads to sql injection. It is possible to launch th
CVE-2024-37446 -- Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Kiboko Labs Chained Quiz allows Stored XSS. This issue affects Chained Quiz: from n/a through 1.3.2.8.
CVE-2024-37447 -- Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in PixelYourSite PixelYourSite – Your smart PIXEL (TAG) Manager allows Stored XSS. This issue affects PixelYourSite – Your smart PIXEL (TAG) Manager:
CVE-2024-37449 -- Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in ThemePunch OHG Slider Revolution. This issue affects Slider Revolution: from n/a through 6.7.13.
CVE-2024-37457 -- Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Ultimate Blocks Ultimate Blocks – Gutenberg Blocks Plugin allows Stored XSS. This issue affects Ultimate Blocks – Gutenberg Blocks Plugin: from n/a
CVE-2024-37459 -- Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in PayPlus LTD PayPlus Payment Gateway allows Reflected XSS. This issue affects PayPlus Payment Gateway: from n/a through 6.6.8.
CVE-2024-37460 -- Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in SuperSaaS SuperSaaS – online appointment scheduling allows Stored XSS. This issue affects SuperSaaS – online appointment scheduling: from n/a throu
CVE-2024-37461 -- Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Martin Gibson IdeaPush allows Stored XSS. This issue affects IdeaPush: from n/a through 8.65.
CVE-2024-37465 -- Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Senol Sahin GPT3 AI Content Writer allows Stored XSS. This issue affects GPT3 AI Content Writer: from n/a through 1.8.66.
CVE-2024-37466 -- Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Kraftplugins Mega Elements. This issue affects Mega Elements: from n/a through 1.2.2.
CVE-2024-37480 -- Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Apollo13Themes Apollo13 Framework Extensions apollo13-framework-extensions allows Stored XSS. This issue affects Apollo13 Framework Extensions: fro
CVE-2024-37485 -- Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Vinny Alves (UseStrict Consulting) bbPress Notify allows Reflected XSS. This issue affects bbPress Notify: from n/a through 2.18.3.
CVE-2024-37487 -- Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in wpdirectorykit.Com WP Directory Kit allows Reflected XSS. This issue affects WP Directory Kit: from n/a through 1.3.5.
CVE-2024-37488 -- Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in HelloAsso allows Stored XSS. This issue affects HelloAsso: from n/a through 1.1.9.
CVE-2024-37489 -- Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in OceanWP Ocean Extra allows Stored XSS. This issue affects Ocean Extra: from n/a through 2.2.9.
CVE-2024-37492 -- Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Gutenberg Team Gutenberg allows Stored XSS. This issue affects Gutenberg: from n/a through 18.6.0.
CVE-2024-37495 -- Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Mediavine Create by Mediavine allows Stored XSS. This issue affects Create by Mediavine: from n/a through 1.9.7.
CVE-2024-37500 -- Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in The Beaver Builder Team Beaver Builder allows Stored XSS. This issue affects Beaver Builder: from n/a through 2.8.2.2.
CVE-2024-37507 -- Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Themewinter Eventin allows Stored XSS. This issue affects Eventin: from n/a through 3.3.57.
CVE-2024-37509 -- Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Maksekeskus AS MakeCommerce for WooCommerce allows Reflected XSS. This issue affects MakeCommerce for WooCommerce: from n/a through 3.5.1.
CVE-2024-37512 -- Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Basix NEX-Forms – Ultimate Form Builder allows Stored XSS. This issue affects NEX-Forms – Ultimate Form Builder: from n/a through 8.5.10.
CVE-2024-37514 -- Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in ArtistScope CopySafe Web Protection allows Stored XSS. This issue affects CopySafe Web Protection: from n/a through 3.14.
CVE-2024-37515 -- Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Optemiz XPlainer - WooCommerce Product FAQ allows Reflected XSS. This issue affects XPlainer - WooCommerce Product FAQ: from n/a through 1.6.3.
CVE-2024-37519 -- Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Leap13 Premium Blocks – Gutenberg Blocks for WordPress allows Stored XSS. This issue affects Premium Blocks – Gutenberg Blocks for WordPress: from
CVE-2024-37521 -- Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in zwwooooo zBench allows Stored XSS. This issue affects zBench: from n/a through 1.4.2.
CVE-2024-37522 -- Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Dario Curasì CC & BCC for Woocommerce Order Emails allows Stored XSS. This issue affects CC & BCC for Woocommerce Order Emails: from n/a through 1.
CVE-2024-37523 -- Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in AMP-MODE Login Logo Editor allows Stored XSS. This issue affects Login Logo Editor: from n/a through 1.3.3.
CVE-2024-37536 -- Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Web357 Easy Custom Code (LESS/CSS/JS) – Live editing allows Stored XSS. This issue affects Easy Custom Code (LESS/CSS/JS) – Live editing: from n/a
CVE-2024-37537 -- Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in UusWeb.Ee WS Contact Form allows Stored XSS. This issue affects WS Contact Form: from n/a through 1.3.7.
CVE-2024-37538 -- Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Thomas Kuhlmann Link To Bible allows Stored XSS. This issue affects Link To Bible: from n/a through 2.5.9.
CVE-2024-37545 -- Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Nick Halsey Floating Social Media Links allows Stored XSS. This issue affects Floating Social Media Links: from n/a through 1.5.2.
CVE-2024-37548 -- Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Meks Meks Easy Ads Widget allows Stored XSS. This issue affects Meks Easy Ads Widget: from n/a through 2.0.8.
CVE-2024-37549 -- Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Pdfcrowd Save as PDF plugin by Pdfcrowd allows Stored XSS. This issue affects Save as PDF plugin by Pdfcrowd: from n/a through 4.0.0.
CVE-2024-37550 -- Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Envato Template Kit – Export allows Stored XSS. This issue affects Template Kit – Export: from n/a through 1.0.22.
CVE-2024-37551 -- Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Perials Simple Social Share allows Stored XSS. This issue affects Simple Social Share: from n/a through 3.0.
CVE-2024-37552 -- Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Inisev Social Media & Share Icons allows Stored XSS. This issue affects Social Media & Share Icons: from n/a through 2.9.1.
CVE-2024-37556 -- Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in SeedProd WordPress Notification Bar allows Stored XSS. This issue affects WordPress Notification Bar: from n/a through 1.3.10.
CVE-2024-37557 -- Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Soham Web Solution WP Cookie Law Info allows Stored XSS. This issue affects WP Cookie Law Info: from n/a through 1.1.
CVE-2024-37558 -- Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Nazmul Hossain Nihal WPFavicon allows Stored XSS. This issue affects WPFavicon: from n/a through 2.1.1.
CVE-2024-37559 -- Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Echenley Counterpoint allows Reflected XSS. This issue affects Counterpoint: from n/a through 1.8.1.
CVE-2024-38434 -- Unitronics Vision PLC –
CVE-2024-38435 -- Unitronics Vision PLC – CWE-703: Improper Check or Handling of Exceptional Conditions may allow denial of service
CVE-2024-38436 -- Commugen SOX 365 – CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2024-38437 -- D-Link - CWE-288: Authentication Bypass Using an Alternate Path or Channel
CVE-2024-38438 -- D-Link -
CVE-2024-38781 -- Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in ArtistScope CopySafe Web Protection allows Reflected XSS. This issue affects CopySafe Web Protection: from n/a through 3.15.
CVE-2024-38782 -- Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in MapsMarker.Com e.U. Leaflet Maps Marker allows Stored XSS. This issue affects Leaflet Maps Marker: from n/a through 3.12.9.
CVE-2024-38784 -- Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Livemesh Livemesh Addons for Beaver Builder allows Stored XSS. This issue affects Livemesh Addons for Beaver Builder: from n/a through 3.6.1.
CVE-2024-38785 -- Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Jegstudio Gutenverse allows Stored XSS. This issue affects Gutenverse: from n/a through 1.9.2.
CVE-2024-38786 -- Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in BurgerThemes CoziPress allows Stored XSS. This issue affects CoziPress: from n/a through 1.0.30.
CVE-2024-6933 -- A vulnerability was found in LimeSurvey 6.5.14-240624. It has been rated as critical. Affected by this issue is the function actionUpdateSurveyLocaleSettingsGeneralSettings of the file /index.php?r=admin/database/index/updatesurveylocalesettings_generalse
CVE-2024-6934 -- A vulnerability classified as problematic has been found in formtools.org Form Tools 3.1.1. This affects an unknown part of the file /admin/forms/add/step2.php?submission_type=direct. The manipulation of the argument Form URL leads to cross site scripting
CVE-2024-6935 -- A vulnerability classified as problematic was found in formtools.org Form Tools 3.1.1. This vulnerability affects unknown code of the file /admin/clients/ of the component User Settings Page. The manipulation leads to cross site scripting. The attack can
CVE-2024-6936 -- A vulnerability, which was classified as problematic, has been found in formtools.org Form Tools 3.1.1. This issue affects some unknown processing of the file /admin/settings/index.php?page=accounts of the component Setting Handler. The manipulation of th
CVE-2024-6937 -- A vulnerability, which was classified as problematic, was found in formtools.org Form Tools 3.1.1. Affected is the function curl_exec of the file /admin/forms/option_lists/edit.php of the component Import Option List. The manipulation of the argument url
CVE-2024-6938 -- A vulnerability has been found in SiYuan 3.1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file PDF.js of the component PDF Handler. The manipulation leads to cross site scripting. The attack can be lau
CVE-2024-6939 -- A vulnerability was found in Xinhu RockOA 2.6.3 and classified as problematic. Affected by this issue is the function okla of the file /webmain/public/upload/tpl_upload.html. The manipulation of the argument callback leads to cross site scripting. The att
CVE-2024-6940 -- A vulnerability was found in DedeCMS 5.7.114. It has been classified as critical. This affects an unknown part of the file article_template_rand.php. The manipulation leads to code injection. It is possible to initiate the attack remotely. The exploit has
CVE-2024-6941 -- A vulnerability, which was classified as problematic, has been found in ThinkSAAS 3.7.0. This issue affects some unknown processing of the file app/system/action/do.php. The manipulation of the argument site_title/site_subtitle/site_key/site_desc/site_url
CVE-2024-6942 -- A vulnerability, which was classified as problematic, was found in ThinkSAAS 3.7.0. Affected is an unknown function of the file app/system/action/anti.php of the component Admin Panel Security Center. The manipulation of the argument ip/email/phone leads
CVE-2024-6943 -- A vulnerability has been found in ZhongBangKeJi CRMEB up to 5.4.0 and classified as critical. Affected by this vulnerability is the function downloadImage of the file app/services/product/product/CopyTaobaoServices.php. The manipulation leads to deseriali
CVE-2024-6944 -- A vulnerability was found in ZhongBangKeJi CRMEB up to 5.4.0 and classified as critical. Affected by this issue is the function get_image_base64 of the file PublicController.php. The manipulation of the argument file leads to deserialization. The attack m
CVE-2024-6945 -- A vulnerability was found in Flute CMS 0.2.2.4-alpha. It has been classified as critical. This affects an unknown part of the file app/Core/Http/Controllers/Profile/ImagesController.php of the component Avatar Upload Page. The manipulation of the argument
CVE-2024-6946 -- A vulnerability was found in Flute CMS 0.2.2.4-alpha. It has been declared as critical. This vulnerability affects unknown code of the file /admin/pages/list. The manipulation of the argument blocks leads to code injection. The attack can be initiated rem
CVE-2024-6947 -- A vulnerability was found in Flute CMS 0.2.2.4-alpha. It has been rated as critical. This issue affects the function replaceContent of the file app/Core/Support/ContentParser.php of the component Notification Handler. The manipulation leads to code inject
CVE-2024-6948 -- A vulnerability classified as critical has been found in Gargaj wuhu up to 3faad49bfcc3895e9ff76a591d05c8941273d120. Affected is an unknown function of the file /slideeditor.php of the component Slide Editor. The manipulation of the argument newSlideFile
CVE-2024-6949 -- A vulnerability classified as problematic was found in Gargaj wuhu up to 3faad49bfcc3895e9ff76a591d05c8941273d120. Affected by this vulnerability is an unknown functionality of the file /pages.php?edit=News. The manipulation leads to path traversal. The a
CVE-2024-6950 -- A vulnerability, which was classified as critical, has been found in Prain up to 1.3.0. Affected by this issue is some unknown functionality of the file /?import of the component HTTP POST Request Handler. The manipulation of the argument file leads to co
CVE-2024-6951 -- A vulnerability, which was classified as critical, was found in SourceCodester Simple Online Book Store System 1.0. This affects an unknown part of the file admin_delete.php. The manipulation of the argument bookisbn leads to sql injection. It is possible
CVE-2024-6952 -- A vulnerability has been found in itsourcecode University Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file /view_single_result.php?vr=123321&vn=mirage. The manipulation of the argument seme leads to sql
CVE-2024-6953 -- A vulnerability was found in itsourcecode Tailoring Management System 1.0 and classified as critical. This issue affects some unknown processing of the file sms.php. The manipulation of the argument customer leads to sql injection. The attack may be initi
CVE-2024-6954 -- A vulnerability was found in SourceCodester Record Management System 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file sort1.php. The manipulation of the argument position leads to cross site
CVE-2024-6955 -- A vulnerability was found in SourceCodester Record Management System 1.0. It has been classified as problematic. Affected is an unknown function of the file sort2.php. The manipulation of the argument qualification leads to cross site scripting. It is pos
CVE-2024-6956 -- A vulnerability was found in itsourcecode University Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /view_cgpa.php. The manipulation of the argument VR/VN leads to sql injection. The
CVE-2024-6957 -- A vulnerability classified as critical has been found in itsourcecode University Management System 1.0. This affects an unknown part of the file functions.php of the component Login. The manipulation of the argument username leads to sql injection. It is
CVE-2024-6958 -- A vulnerability classified as critical was found in itsourcecode University Management System 1.0. This vulnerability affects unknown code of the file /st_update.php of the component Avatar File Handler. The manipulation of the argument personal_image lea
CVE-2024-6960 -- The H2O machine learning platform uses "Iced" classes as the primary means of moving Java Objects around the cluster. The Iced format supports inclusion of serialized Java objects. When a model is deserialized, any class is allowed to be deserialized (no
CVE-2024-6961 -- RAIL documents are an XML-based format invented by Guardrails AI to enforce formatting checks on LLM outputs. Guardrails users that consume RAIL documents from external sources are vulnerable to XXE, which may cause leakage of internal file data via the S
CVE-2024-2337 -- The Easy Testimonials plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'testimonials_grid ' shortcode in all versions up to, and including, 3.9.5 due to insufficient input sanitization and output escaping on user supplied
CVE-2024-37561 -- Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Jamie Bergen Plugin Notes Plus allows Stored XSS. This issue affects Plugin Notes Plus: from n/a through 1.2.6.
CVE-2024-37562 -- Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in BracketSpace Simple Post Notes allows Stored XSS. This issue affects Simple Post Notes: from n/a through 1.7.7.
CVE-2024-37563 -- Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in TOCHAT.BE allows Stored XSS. This issue affects TOCHAT.BE: from n/a through 1.3.0.
CVE-2024-37565 -- Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in TemeGUM Gum Elementor Addon allows Stored XSS. This issue affects Gum Elementor Addon: from n/a through 1.3.5.
CVE-2024-37918 -- Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WPCone.Com ConeBlog – WordPress Blog Widgets allows Stored XSS. This issue affects ConeBlog – WordPress Blog Widgets: from n/a through 1.4.8.
CVE-2024-37919 -- Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Pratik Chaskar Timeline Module for Beaver Builder allows Stored XSS. This issue affects Timeline Module for Beaver Builder: from n/a through 1.1.3.
CVE-2024-37920 -- Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Repute InfoSystems ARForms Form Builder allows Reflected XSS. This issue affects ARForms Form Builder: from n/a through 1.6.7.
CVE-2024-37922 -- Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Leap13 Premium Addons for Elementor allows Stored XSS. This issue affects Premium Addons for Elementor: from n/a through 4.10.34.
CVE-2024-37936 -- Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in labibahmed Tabs For WPBakery Page Builder allows Stored XSS. This issue affects Tabs For WPBakery Page Builder: from n/a through 1.2.
CVE-2024-37943 -- Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in YITH YITH WooCommerce Ajax Product Filter allows Reflected XSS. This issue affects YITH WooCommerce Ajax Product Filter: from n/a through 5.1.0.
CVE-2024-37944 -- Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WP Travel Engine allows Stored XSS. This issue affects WP Travel Engine: from n/a through 5.9.1.
CVE-2024-37946 -- Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in weDevs ReCaptcha Integration for WordPress allows Stored XSS. This issue affects ReCaptcha Integration for WordPress: from n/a through 1.2.5.
CVE-2024-37947 -- Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Themeum Tutor LMS allows Stored XSS. This issue affects Tutor LMS: from n/a through 2.7.2.
CVE-2024-37948 -- Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in PootlePress Caxton – Create Pro page layouts in Gutenberg allows Stored XSS. This issue affects Caxton – Create Pro page layouts in Gutenberg: from
CVE-2024-37949 -- Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in CyberChimps Responsive Mobile allows Stored XSS. This issue affects Responsive Mobile: from n/a through 1.15.1.
CVE-2024-37950 -- Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in CodexHelp Master Popups allows Stored XSS. This issue affects Master Popups: from n/a through 1.0.3.
CVE-2024-37951 -- Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Noor alam Magical Posts Display – Elementor & Gutenberg Posts Blocks allows Stored XSS. This issue affects Magical Posts Display – Elementor & Gute
CVE-2024-37953 -- Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in MBE Worldwide S.P.A. MBE eShip allows Reflected XSS. This issue affects MBE eShip: from n/a through 2.1.2.
CVE-2024-37954 -- Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in marcelotorres Simple Responsive Slider allows Reflected XSS. This issue affects Simple Responsive Slider: from n/a through 0.2.2.5.
CVE-2024-37955 -- Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Zakaria Binsaifullah GutSlider – All in One Block Slider allows Stored XSS. This issue affects GutSlider – All in One Block Slider: from n/a throug
CVE-2024-37956 -- Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Vektor,Inc. VK All in One Expansion Unit allows Stored XSS. This issue affects VK All in One Expansion Unit: from n/a through 9.98.1.0.
CVE-2024-37957 -- Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in bradmax Bradmax Player allows Stored XSS. This issue affects Bradmax Player: from n/a through 1.1.27.
CVE-2024-37958 -- Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Meks Meks Smart Author Widget allows Stored XSS. This issue affects Meks Smart Author Widget: from n/a through 1.1.4.
CVE-2024-37959 -- Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Atlas Public Policy Power BI Embedded for WordPress allows Stored XSS. This issue affects Power BI Embedded for WordPress: from n/a through 1.1.7.
CVE-2024-37960 -- Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Chris Coyier CodePen Embedded Pens Shortcode allows Stored XSS. This issue affects CodePen Embedded Pens Shortcode: from n/a through 1.0.0.
CVE-2024-37961 -- Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in codoc.Jp allows Stored XSS. This issue affects codoc: from n/a through 0.9.51.12.
CVE-2024-38669 -- Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in a3rev Software WooCommerce Predictive Search allows Reflected XSS. This issue affects WooCommerce Predictive Search: from n/a through 6.0.1.
CVE-2024-38670 -- Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Team Members allows Stored XSS. This issue affects Team Members: from n/a through 5.3.3.
CVE-2024-38671 -- Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Martin Gibson WP GoToWebinar allows Stored XSS. This issue affects WP GoToWebinar: from n/a through 15.7.
CVE-2024-38672 -- Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in namithjawahar AdPush allows Reflected XSS. This issue affects AdPush: from n/a through 1.50.
CVE-2024-38673 -- Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Obtain Infotech Multisite Content Copier/Updater allows Reflected XSS. This issue affects Multisite Content Copier/Updater: from n/a through 1.5.0.
CVE-2024-38674 -- Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in SKT Themes SKT Addons for Elementor allows Stored XSS. This issue affects SKT Addons for Elementor: from n/a through 2.1.
CVE-2024-38675 -- Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in LOOS,Inc. Arkhe Blocks allows Stored XSS. This issue affects Arkhe Blocks: from n/a through 2.22.1.
CVE-2024-38676 -- Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Booking Ultra Pro allows Stored XSS. This issue affects Booking Ultra Pro: from n/a through 1.1.13.
CVE-2024-38677 -- Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Reviews.Co.Uk REVIEWS.Io allows Stored XSS. This issue affects REVIEWS.Io: from n/a through 1.2.7.
CVE-2024-38678 -- Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Calendar.Online Calendar.Online / Kalender.Digital allows Stored XSS. This issue affects Calendar.Online / Kalender.Digital: from n/a through 1.0.8
CVE-2024-38679 -- Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Yongki Agustinus Animated Typed JS Shortcode allows Stored XSS. This issue affects Animated Typed JS Shortcode: from n/a through 2.0.
CVE-2024-38680 -- Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Appmaker Appmaker – Convert WooCommerce to Android & iOS Native Mobile Apps allows Reflected XSS. This issue affects Appmaker – Convert WooCommerce
CVE-2024-38681 -- Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Noor alam Magical Addons For Elementor allows Stored XSS. This issue affects Magical Addons For Elementor: from n/a through 1.1.41.
CVE-2024-38682 -- Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Techeshta Post Layouts for Gutenberg allows Stored XSS. This issue affects Post Layouts for Gutenberg: from n/a through 1.2.7.
CVE-2024-38683 -- Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in iThemelandCo WooCommerce Report allows Reflected XSS. This issue affects WooCommerce Report: from n/a through 1.4.5.
CVE-2024-38684 -- Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in FunnelKit SlingBlocks – Gutenberg Blocks by FunnelKit (Formerly WooFunnels) allows Stored XSS. This issue affects SlingBlocks – Gutenberg Blocks by
CVE-2024-38685 -- Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in SubscriptionPro WP Announcement allows Stored XSS. This issue affects WP Announcement: from n/a through 2.0.8.
CVE-2024-38686 -- Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Pluginic FancyPost – Best Ultimate Post Block, Post Grid, Layouts, Carousel, Slider For Gutenberg & Elementor allows Stored XSS. This issue affects
CVE-2024-38687 -- Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Techfyd Sky Addons for Elementor allows Stored XSS. This issue affects Sky Addons for Elementor: from n/a through 2.5.5.
CVE-2024-38689 -- Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Garrett Grimm Simple Popup allows Stored XSS. This issue affects Simple Popup: from n/a through 4.4.
CVE-2024-38694 -- Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Moloni allows Reflected XSS. This issue affects Moloni: from n/a through 4.7.4.
CVE-2024-38696 -- Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Zoho CRM Zoho CRM Lead Magnet allows Reflected XSS. This issue affects Zoho CRM Lead Magnet: from n/a through 1.7.8.8.
CVE-2024-38697 -- Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Ali Rahimi Goftino allows Stored XSS. This issue affects Goftino: from n/a through 1.6.
CVE-2024-38698 -- Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in SKT Themes SKT Skill Bar allows Stored XSS. This issue affects SKT Skill Bar: from n/a through 2.0.
CVE-2024-38703 -- Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Xylus Themes WP Event Aggregator allows Stored XSS. This issue affects WP Event Aggregator: from n/a through 1.7.9.
CVE-2024-38705 -- Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in ElementInvader ElementInvader Addons for Elementor allows Stored XSS. This issue affects ElementInvader Addons for Elementor: from n/a through 1.2.
CVE-2024-38710 -- Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Jewel Theme Master Addons for Elementor allows Stored XSS. This issue affects Master Addons for Elementor: from n/a through 2.0.6.2.
CVE-2024-38711 -- Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Yannick Lefebvre Link Library allows Reflected XSS. This issue affects Link Library: from n/a through 7.7.1.
CVE-2024-38712 -- Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Qode Interactive Qi Blocks allows Stored XSS. This issue affects Qi Blocks: from n/a through 1.3.
CVE-2024-38713 -- Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in J.N. Breetvelt a.K.A. OpaJaap WP Photo Album Plus allows Stored XSS. This issue affects WP Photo Album Plus: from n/a through 8.8.02.002.
CVE-2024-38718 -- Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in clicklabs® Medienagentur Download Button for Elementor allows Stored XSS. This issue affects Download Button for Elementor: from n/a through 1.2.1.
CVE-2024-38720 -- Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in EazyDocs eazydocs allows Stored XSS. This issue affects EazyDocs: from n/a through 2.5.0.
CVE-2024-38722 -- Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in PickPlugins Job Board Manager allows Stored XSS. This issue affects Job Board Manager: from n/a through 2.1.57.
CVE-2024-38725 -- Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Webstix Admin Dashboard RSS Feed allows Stored XSS. This issue affects Admin Dashboard RSS Feed: from n/a through 3.1.
CVE-2024-38738 -- Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Marian Kadanka Change From Email allows Stored XSS. This issue affects Change From Email: from n/a through 1.2.1.
CVE-2024-38739 -- Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in FameThemes OnePress allows Stored XSS. This issue affects OnePress: from n/a through 2.3.8.
CVE-2024-38741 -- Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Noor-E-Alam Amazing Hover Effects allows Stored XSS. This issue affects Amazing Hover Effects: from n/a through 2.4.9.
CVE-2024-38750 -- Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in digontoahsan Advanced post slider. This issue affects Advanced post slider: from n/a through 3.0.0.
CVE-2024-38757 -- Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Typebot allows Stored XSS. This issue affects Typebot: from n/a through 3.6.0.
CVE-2024-38758 -- Server-Side Request Forgery (SSRF) vulnerability in WappPress Team WappPress. This issue affects WappPress: from n/a through 6.0.4.
CVE-2024-38767 -- Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in BannerSky.Com BSK PDF Manager allows Stored XSS. This issue affects BSK PDF Manager: from n/a through 3.6.
CVE-2024-3934 -- The Mercado Pago payments for WooCommerce plugin for WordPress is vulnerable to Path Traversal in versions 7.3.0 to 7.5.1 via the mercadopagoDownloadLog function. This makes it possible for authenticated attackers, with subscriber-level access and above,
CVE-2024-40347 -- A reflected cross-site scripting (XSS) vulnerability in Hyland Alfresco Platform 23.2.1-r96 allows attackers to execute arbitrary code in the context of a user's browser via injecting a crafted payload into the parameter htmlid.
CVE-2024-40348 -- An issue in the component /api/swaggerui/static of Bazaar v1.4.3 allows unauthenticated attackers to execute a directory traversal.
CVE-2024-5804 -- The Conditional Fields for Contact Form 7 plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.4.13. This is due to missing or incorrect nonce validation on the wpcf7cf_admin_init function. This makes it pos
CVE-2024-6281 -- A path traversal vulnerability exists in the `apply_settings` function of parisneo/lollms versions prior to 9.5.1. The `sanitize_path` function does not adequately secure the `discussion_db_name` parameter, allowing attackers to manipulate the path and po
CVE-2024-6489 -- The Getwid – Gutenberg Blocks plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the get_google_api_key function in all versions up to, and including, 2.0.10. This makes it possible for authenticat
CVE-2024-6491 -- The Getwid – Gutenberg Blocks plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the mailchimp_api_key_manage function in all versions up to, and including, 2.0.10. This makes it possible for authe
CVE-2024-6497 -- The SEO Plugin by Squirrly SEO plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘url’ parameter in all versions up to, and including, 12.3.19 due to insufficient input sanitization and output escaping. This makes it possible for a
CVE-2024-6560 -- The Addonify – Quick View For WooCommerce plugin for WordPress is vulnerable to Full Path Disclosure in all versions up to, and including, 1.2.16. This is due to the plugin utilizing mobiledetect without preventing direct access to the files. This makes it p
CVE-2024-6635 -- The WooCommerce - Social Login plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 2.7.3. This is due to insufficient controls in the 'woo_slg_login_email' function. This makes it possible for unauthenticated atta
CVE-2024-6636 -- The WooCommerce - Social Login plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'woo_slg_login_email' function in all versions up to, and including, 2.7.3. This makes it possible for unauthen
CVE-2024-6637 -- The WooCommerce - Social Login plugin for WordPress is vulnerable to unauthenticated privilege escalation in all versions up to, and including, 2.7.3. This is due to a lack of brute force controls on a weak one-time password. This makes it possible for un
CVE-2024-6694 -- The WP Mail SMTP plugin for WordPress is vulnerable to information exposure in all versions up to, and including, 4.0.1. This is due to the plugin providing the SMTP password in the SMTP Password field when viewing the settings. This makes it possible for aut
CVE-2024-6848 -- The Post and Page Builder by BoldGrid – Visual Drag and Drop Editor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via file uploads in all versions up to, and including, 1.26.6 due to insufficient input sanitization and output escaping
CVE-2024-6932 -- A vulnerability was found in ClassCMS 4.5. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /admin/?action=home&do=shop:index&keyword=&kind=all. The manipulation of the argument order leads to cro