-
Browser Exploitation Framework (BeEF) 0.5.4.0
ruby 3.1.2p20 (2022-04-12 revision 4491bb740a) [x86_64-linux-gnu]
firefox 128.3.0esr
Parrot OS 8.2 (lorikeet)
Kernel Linux 6.9.7-amd64 x86_64
## Co…
-
Vulnerable Library - react-scripts-5.0.1.tgz
Path to dependency file: /ai/uxforai/fluent-app/package.json
Path to vulnerable library: /ai/uxforai/fluent-app/package.json
Found in HEAD commit: c2…
-
@bravegurkha brought this up on [Slack](https://nepalihackers-slack.herokuapp.com) and I've always wanted to do so too.
-
Vulnerable Library - webpack-5.93.0.tgz
Library home page: https://registry.npmjs.org/webpack/-/webpack-5.93.0.tgz
Found in HEAD commit: e860641c6c1a3b39daa0fa29dbca45ac5104d93d
## Vulnerabilit…
-
Vulnerable Library - gradio-3.4b2-py3-none-any.whl
Python library for easily interacting with trained machine learning models
Library home page: https://files.pythonhosted.org/packages/72/63/197bb7a…
-
AMs are written in PHP and as such have complete control over EngineBlock. If someone were to gain access to the Service Registry (with something like CSRF), then it would be trivial to inject somethin…
-
This bug bounty program is hosted on [Immunefi](https://immunefi.com/bounty/sovryn/). All bug reports must be submitted through Immunefi in order to be accepted. This post was created in accordance wi…
-
### Issue description:
[CVE-2021-21087](https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2021/CVE-2021-21087.yaml) is actually an XSS, not an RCE. Also, it does not provide a PO…
-
### Expected behaviour
Admin or other users should not be able to inject HTML or JavaScript payloads into the articles via the Body and Excerpt input fields, as this could lead to exploitation by a…
-
Vulnerable Library - bootstrap-2.3.2.min.js
The most popular front-end framework for developing responsive, mobile first projects on the web.
Library home page: https://cdnjs.cloudflare.com/ajax/lib…