** mimikatz ** 🔧Tool update
Tools name: mimikatz
Tools url: https://github.com/gentilkiwi/mimikatz/commit/c78b1cf37c517ae9d0e872447bb103da9fa6034a
Update log:
Revert to Visual Studio 2013 (due to an error in Microsoft headers, can't build in Win32)
👾CVE SERVICE 🏷#CVE
Number: CVE-2022-32938
Github: https://github.com/iCMDgithub/CVE-2022-32938
Describe:
** xray ** 🔧Tool update
Tools name: xray
Tools url: https://github.com/chaitin/xray/commit/a9ddda5e28119f72e391b8a0c8fb753d6c53c0d5
Update log:
Update jellyfin-cve-2021-29490.yml (#1632)
GitHub
Update jellyfin-cve-2021-29490.yml (#1632) · chaitin/xray@a9ddda5
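A comprehensive security assessment tool that supports scanning for common web security issues and custom PoCs | Be sure to read the documentation before use. Contribute to chaitin/xray development by creating an account on GitHub.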
👾KEYWORD SERVICE 🏷#cnvd
Name: cnvd_general_assets
Github: https://github.com/zhizhuoshuma/cnvd_general_assets
GitHub
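GitHub - expzhizhuo/cnvd_general_assets: Works with Aiqicha and FOFA to search the public-facing general-purpose assets of companies with registered capital above 50 million, to make certificate hunting easier
Works with Aiqicha and FOFA to search the public-facing general-purpose assets of companies with registered capital above 50 million, to make certificate hunting easier. Contribute to expzhizhuo/cnvd_general_assets development by creating an account on GitHub.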
👾CVE SERVICE 🏷#CVE
Number: CVE-2022-43959
Github: https://github.com/secware-ru/CVE-2022-43959
Describe:
GitHub
GitHub - secware-ru/CVE-2022-43959: Bitrix Vulnerability CVE-2022-43959
Bitrix Vulnerability CVE-2022-43959. Contribute to secware-ru/CVE-2022-43959 development by creating an account on GitHub.
👾CVE SERVICE 🏷#CVE
Number: CVE-2022-40687
Github: https://github.com/williamkhepri/CVE-2022-40687-metasploit-scanner
Describe:
👾CVE SERVICE 🏷#CVE
Number: CVE-2022-21907
Github: https://github.com/Malwareman007/CVE-2022-21907
Describe:
HTTP Protocol Stack Remote Code Execution Vulnerability.
GitHub
GitHub - Malwareman007/CVE-2022-21907: POC for CVE-2022-21907: HTTP Protocol Stack Remote Code Execution Vulnerability.
POC for CVE-2022-21907: HTTP Protocol Stack Remote Code Execution Vulnerability. - Malwareman007/CVE-2022-21907
👾CVE SERVICE 🏷#CVE
Number: CVE-2022-0739
Github: https://github.com/destr4ct/CVE-2022-0739
Describe:
The BookingPress WordPress plugin before 1.0.11 fails to properly sanitize user supplied POST data before it is used in a dynamically constructed SQL query via the bookingpress_front_get_category_services AJAX action (available to unauthenticated users), leading to an unauthenticated SQL Injection.
GitHub
GitHub - destr4ct/CVE-2022-0739: Proof-of-Concept exploit (SQLI BookingPress before 1.0.11)
Proof-of-Concept exploit (SQLI BookingPress before 1.0.11) - destr4ct/CVE-2022-0739
👾CVE SERVICE 🏷#CVE
Number: CVE-2022-30910
Github: https://github.com/arozx/CVE-2022-30910
Describe:
H3C Magic R100 R100V100R005 was discovered to contain a stack overflow vulnerability via the GO parameter at /goform/aspForm.
GitHub
GitHub - arozx/CVE-2022-30190: A very simple MSDT "Follina" exploit **patched**
A very simple MSDT "Follina" exploit **patched**. Contribute to arozx/CVE-2022-30190 development by creating an account on GitHub.
** xray ** 🔧Tool update
Tools name: xray
Tools url: https://github.com/chaitin/xray/commit/4f47fb13a2454590309eaf2279ba2c9a3b1150fe
Update log:
Fix Python3 Flask bug: ImportError: cannot import name 'escape' from 'jinja2' (/usr/local/lib/python3.9/dist-packages/jinja2/__init__.py) (#1680)
Signed-off-by: DroidKali <DroidKali@users.noreply.github.com>
Signed-off-by: DroidKali <DroidKali@users.noreply.github.com>
Co-authored-by: DroidKali <DroidKali@users.noreply.github.com>
👾CVE SERVICE 🏷#CVE
Number: CVE-2022-42094
Github: https://github.com/bypazs/CVE-2022-42094
Describe:
GitHub
GitHub - bypazs/CVE-2022-42094: Backdrop CMS version 1.23.0 was discovered to contain a stored cross-site scripting (XSS) vulnerability…
Backdrop CMS version 1.23.0 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the Card content. - bypazs/CVE-2022-42094
👾CVE SERVICE 🏷#CVE
Number: CVE-2022-42096
Github: https://github.com/bypazs/CVE-2022-42096
Describe:
GitHub
GitHub - bypazs/CVE-2022-42096: Backdrop CMS version 1.23.0 was discovered to contain a stored cross-site scripting (XSS) vulnerability…
Backdrop CMS version 1.23.0 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the Post content. - bypazs/CVE-2022-42096
👾CVE SERVICE 🏷#CVE
Number: CVE-2022-42097
Github: https://github.com/bypazs/CVE-2022-42097
Describe:
GitHub
GitHub - bypazs/CVE-2022-42097: Backdrop CMS version 1.23.0 was discovered to contain a stored cross-site scripting (XSS) vulnerability…
Backdrop CMS version 1.23.0 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the comment. - bypazs/CVE-2022-42097
👾CVE SERVICE 🏷#CVE
Number: CVE-2022-42098
Github: https://github.com/bypazs/CVE-2022-42098
Describe:
GitHub
GitHub - bypazs/CVE-2022-42098: KLiK-SocialMediaWebsite v1.0.1 has SQL Injection Vulnerabilities at profile.php
KLiK-SocialMediaWebsite v1.0.1 has SQL Injection Vulnerabilities at profile.php - bypazs/CVE-2022-42098
👾CVE SERVICE 🏷#CVE
Number: CVE-2022-22909
Github: https://github.com/0z09e/CVE-2022-22909
Describe:
HotelDruid v3.0.3 was discovered to contain a remote code execution (RCE) vulnerability which is exploited via an attacker inserting a crafted payload into the name field under the Create New Room module.
GitHub
GitHub - 0z09e/CVE-2022-22909: Hotel Druid 3.0.3 Code Injection to Remote Code Execution
Hotel Druid 3.0.3 Code Injection to Remote Code Execution - 0z09e/CVE-2022-22909
👾CVE SERVICE 🏷#CVE
Number: CVE-2022-40146
Github: https://github.com/cckuailong/CVE-2022-40146_Exploit_Jar
Describe:
Server-Side Request Forgery (SSRF) vulnerability in Batik of Apache XML Graphics allows an attacker to access files using a Jar url. This issue affects Apache XML Graphics Batik 1.14.
GitHub
GitHub - cckuailong/CVE-2022-40146_Exploit_Jar
👾CVE SERVICE 🏷#CVE
Number: CVE-2022-40470
Github: https://github.com/RashidKhanPathan/CVE-2022-40470
Describe:
GitHub
GitHub - RashidKhanPathan/CVE-2022-40470: Cross Site Scripting in Blood Donor Management System Using CodeIgniter - 1.0
Cross Site Scripting in Blood Donor Management System Using CodeIgniter - 1.0 - RashidKhanPathan/CVE-2022-40470
👾CVE SERVICE 🏷#CVE
Number: CVE-2022-3518
Github: https://github.com/lohith19/CVE-2022-3518
Describe:
A vulnerability classified as problematic has been found in SourceCodester Sanitization Management System 1.0. Affected is an unknown function of the component User Creation Handler. The manipulation of the argument First Name/Middle Name/Last Name leads to cross site scripting. It is possible to launch the attack remotely. VDB-211014 is the identifier assigned to this vulnerability.
GitHub
GitHub - lohith19/CVE-2022-3518
👾CVE SERVICE 🏷#CVE
Number: CVE-2022-3602
Github: https://github.com/colmmacc/CVE-2022-3602
Describe:
GitHub
GitHub - colmmacc/CVE-2022-3602