Hacking8 安全信息流
最近更新
| 时间 | 节点 | |
|---|---|---|
| 2023年9月24日 21:01 | Github_POC |
[GitHub]Repository for CVE-2023-42426 vulnerability. |
| 2023年9月24日 21:01 | Github_POC |
The All-In-One Security (AIOS) WordPress plugin before 5.1.5 does not limit what log files to display in it's settings pages, allowing an authorized user (admin+) to view the contents of arbitrary files and list directories anywhere on the server (to which the web server has access). The plugin only displays the last 50 lines of the file. [GitHub]Repository for CVE-2023-0156 vulnerability. |
| 2023年9月24日 21:01 | Github_POC |
The All-In-One Security (AIOS) WordPress plugin before 5.1.5 does not escape the content of log files before outputting it to the plugin admin page, allowing an authorized user (admin+) to plant bogus log files containing malicious JavaScript code that will be executed in the context of any administrator visiting this page. [GitHub]Repository for CVE-2023-0157 vulnerability. |
| 2023年9月24日 21:01 | Github_POC |
This User Activity Log WordPress plugin before 1.6.7 retrieves client IP addresses from potentially untrusted headers, allowing an attacker to manipulate its value. This may be used to hide the source of malicious traffic. [GitHub]Repository for CVE-2023-4279 vulnerability. |
| 2023年9月24日 21:01 | Github_POC |
[GitHub]Repository for CVE-2023-4631 vulnerability. |
| 2023年9月24日 21:01 | Github_POC |
The URL Shortify WordPress plugin before 1.7.6 does not properly escape the value of the referer header, thus allowing an unauthenticated attacker to inject malicious javascript that will trigger in the plugins admin panel with statistics of the created short link. [GitHub]Repository for CVE-2023-4294 vulnerability. |
| 2023年9月24日 21:01 | Github_POC |
[GitHub]Repository for CVE-2023-4549 vulnerability. |
| 2023年9月24日 21:01 | Github_POC |
[GitHub]Repository for CVE-2023-4800 vulnerability. |
| 2023年9月24日 21:01 | Github_POC |
[GitHub]Repository for CVE-2023-4281 vulnerability. |
| 2023年9月24日 20:51 | Github关注 | |
| 2023年9月24日 20:51 | Github关注 | |
| 2023年9月24日 19:51 | Github关注 |
Browser extension for opening lists of URLs built on top of WebExtension with cross-browser support |
| 2023年9月24日 19:45 | Exploitalert |
Taskhub 2.8.8 Cross Site Scripting |
| 2023年9月24日 19:45 | Exploitalert |
PHP Type Confusion Vulnerability Leading to Administrator Account Takeover via Authentication Bypass
PHP Type Confusion Vulnerability Leading to Administrator Account Takeover via Authentication Bypass |
| 2023年9月24日 19:45 | Exploitalert |
TOTOLINK Wireless Routers Remote Command Execution |
| 2023年9月24日 19:45 | Exploitalert |
Elasticsearch 8.5.3 Stack Overflow |
| 2023年9月24日 19:39 | Data Breach – Security Affairs |
U.S. educational nonprofit organization National Student Clearinghouse disclosed a data breach that impacted approximately 900 US schools. The National Student Clearinghouse (NSC) is a nonprofit organization based in the United States that provides educational verification and reporting services to educational institutions, employers, and other organizations The organization has disclosed a data breach that impacted approximately […] The post National Student Clearinghouse data breach impacted approximately 900 US schools appeared first on Security Affairs. |
| 2023年9月24日 19:39 | CXSECURITY Database RSS Feed - |
Topic: Taskhub 2.8.8 Cross Site Scripting Risk: Low Text:## Title: TASKHUB-2.8.8-XSS-Reflected ## Author: nu11secur1ty ## Date: 09/22/2023 ## Vendor: https://codecanyon.net/user/inf... |
| 2023年9月24日 19:39 | CXSECURITY Database RSS Feed - |
PHP Type Confusion Vulnerability Leading to Administrator Account Takeover via Authentication Bypass
Topic: PHP Type Confusion Vulnerability Leading to Administrator Account Takeover via Authentication Bypass Risk: Medium Text:# CVE-2023-43154 - Macs Framework v1.1.4f CMS Type Confusion Vulnerability ## Table of Contents 1. [Overview](#overview) 2... |
| 2023年9月24日 19:39 | CXSECURITY Database RSS Feed - |
Topic: TOTOLINK Wireless Routers Remote Command Execution Risk: High Text:## # This module requires Metasploit: https://metasploit.com/download # Current source: https://github.com/rapid7/metasploit-... |
| 2023年9月24日 19:39 | CXSECURITY Database RSS Feed - |
Topic: Elasticsearch 8.5.3 Stack Overflow Risk: High Text:# Exploit Author: TOUHAMI KASBAOUI # Vendor Homepage: https://elastic.co/ # Version: 8.5.3 / OpenSearch # Tested on: Ubuntu ... |
| 2023年9月24日 17:51 | Github关注 |
Tutorial for extracting the GameBoy ROM from photographs of the die. |
| 2023年9月24日 17:11 | Github关注 |
基于 Lean 源码编译的 OpenWrt 固件——适配X86、R2C、R2S、R4S、R4SE、R5C、R5S、香橙派 R1 Plus、树莓派3B/B+、树莓派4B、R66S、R68S、M68S、H66K、H68K、H69K、E25、N1、S905x3、S922x、HK1、X96max、微加… |
| 2023年9月24日 17:11 | Github关注 |
Application Kernel for Containers |
| 2023年9月24日 16:51 | 看雪论坛 |
9月19日,由信息通信软件供应链安全社区(以下简称“社区”)发起,社区筹建单位、会员单位共同举办的2023软件供应链安全创新发展论坛在北京顺利召开。 |
| 2023年9月24日 16:31 | freebuf |
本文主要讲解基于arduino的badusb植入技术 |
| 2023年9月24日 15:31 | Github关注 |
User-Agent , X-Forwarded-For and Referer SQLI Fuzzer |
| 2023年9月24日 15:11 | freebuf |
该工具可以系统地浏览网页的URL并通过跟踪链接来发现链接的网站页面URL地址。 |
| 2023年9月24日 15:01 | Github_POC |
[GitHub]ecology_9_sql |
| 2023年9月24日 14:51 | T00ls论坛 |