🆕🆕JULY SPECIAL!!!!
📊Check out this insightful table revealing the most utilized Webcam services around the world! Stay informed and discover the trends shaping our digital world.
You can search for these on
USE QUERY product==""
Full
🚨Alert🚨New Outlook Exploit Unveiled: CVE-2023-35636 Leads to NTLM v2 Password Breach
⚠️This exploit enables attackers to intercept NTLM v2 hashes, which are used for authentication in Microsoft Windows systems.
📊910k+ Services are found on the
🚨Alert🚨CVE-2024-30103: Microsoft Outlook Remote Code Execution Vulnerability
⚠This Microsoft Outlook vulnerability can be circulated from user to user and doesn’t require a click to execute. Rather, execution initiates when an affected email is opened. This is notably dangerous
🚨Alert🚨CVE-2024-24919: A path traversal leading to an arbitrary file read!
🔥Deep Research:
⚠It is an arbitrary file read, allowing people to read any file on the system.
📊109K+ Services are found on
🔗Hunter
🚨Alert🚨CVE-2024-4439: Unauthenticated Stored Cross-Site Scripting Vulnerability in WordPress Core
⚠It can be exploited by both unauthenticated and authenticated users under varying circumstances and be leveraged to inject malicious web scripts into pages.
🤖Affected Versions:
🚨Alert🚨CVE-2024-21413 Microsoft Outlook RCE Flaw
POC Released
📊219.8K+ Services are found on the
🔗Hunter:
Dorks 👇👇👇
Hunter:="Outlook Web App"
FOFA: app="Microsoft-Outlook"
Shodan:http.component:"outlook
🚨Alert🚨CVE-2024-36991: Path Traversal on the “/modules/messaging/“ endpoint in Splunk Enterprise on Windows
PoC:
📊257.4K Services are found on
🔗Hunter Link:
👇Search Query
Hunter: /product.name="Splunk
🚨Alert🚨CVE-2024-21378: Remote Code Execution in Microsoft Outlook
⚠New research has been published on how to discover and exploit the vulnerability️!
📊662K+ Services are found on
🔗Hunter:
Dorks 👇👇👇
Hunter:
🚨Alert🚨CVE-2024-27348: Unauthenticated users can execute OS commands via Groovy injection in Apache HugeGraph-Server. Upgrade to version 1.3.0 to mitigate.
🔥Python Scanner:
📊200+ Services are found on
🔗Hunter
CVE-2024-27348 (RCE) - Unauth users can execute commands via Groovy injection in Apache HugeGraph-Server.
Fix: Upgrade to version 1.3.0
Python Scanner:
#bugbounty
#bugbountytip
#bugbountytips
🚨Alert🚨CVE-2024-3400: Zero-Day Exploitation of Unauthenticated Remote Code Execution Vulnerability in GlobalProtect (CVSS: 10)
⚠It enables an unauthenticated attacker to execute arbitrary code with root privileges on the firewall.
📊 371K+ Services are found on
🚨Alert🚨CVE-2024-4367/34342: JavaScript Flaws Threaten Millions of PDF.js and React-PDF Users
⚠Designated as CVE-2024-4367 in PDF.js and CVE-2024-34342 in React-PDF, this flaw leads to the execution of unrestricted JavaScript under the hosting domain’s context.
📊50K+ Services
🚨Alert🚨CVE-2024-34351: Next.js Server-Side Request Forgery in Server Actions
🔥PoC:
⚠An SSRF vulnerability was identified in Next.js Server Actions by security researchers at Assetnote. If the Host header is modified, and the below conditions are also
My colleague @hash_kitten and I discovered a full-read SSRF vulnerability in Next.js (CVE-2024-34351). We published our research today on @assetnote's blog: . Thank you to the Vercel team for a smooth disclosure process.
🚨Alert🚨CVE-2024-23692: Unauthenticated RCE Flaw in Rejetto HTTP File Server
🔥PoC:
📰Refer:
⚠It allows remote attackers to execute arbitrary code on affected servers without authentication, potentially leading to data breaches,
😲 Stephen Fewer of Rapid7 has shared the POC for my for Unauth RCE in Rejetto HTTP File Server 2.3m!
👉
👉
CVE: CVE-2024-23692
🚨 After an adjustment, RCE can now be achieved via SSRF without modifying the Host header! ⬇️
🚨Alert🚨CVE-2024-6387: Remote Unauthenticated Code Execution Vulnerability in OpenSSH server
🔗Hunter Link:
💼Scan Tool @xaitax:
⚠The vulnerability, which is a signal handler race condition in OpenSSH’s server (sshd), allows
🚨Alert🚨CVE-2023-50969: Critical Flaw in Imperva SecureSphere WAF Could Lead to Devastating Breaches
⚠ By manipulating the “Content-Encoding” headers in HTTP requests and sending specifically encoded POST data, attackers can effectively slip malicious payloads past the WAF’s
🚨Alert🚨CVE-2024-4879&CVE-2024-5217: ServiceNow Security Vulnerabilities Expose Businesses to RCE and Data Breaches
📊62.2K+ Services are found on
🔗Hunter Link:
👇Search Query
Hunter:/product.name="ServiceNow"
FOFA:
🚨Alert🚨CVE-2024-29895 (CVSS: 10): Critical Command Injection Vulnerabilities in Cacti:
🔥PoC:
⚠This vulnerability can be exploited remotely using the Cacti web interface, allowing an attacker to execute arbitrary commands on the Cacti server.
About CVE-2024-29895. How to bypass cli_check. In include/cli_check.php: define('CACTI_CLI_ONLY', true);
cmd_realtime.php is only accessible via local cli
Or it will throw
"<strong>This script is only meant to run at the command line.</strong>"
🚨Alert🚨CVE-2024-37079 & CVE-2024-37080 (CVSS scores: 9.8): Multiple heap-overflow vulnerabilities in the implementation of the DCE/RPC protocol!
⚠They could allow a bad actor with network access to vCenter Server to achieve remote code execution by sending a specially crafted
🚨Alert🚨CVE-2024-20931 Oracle A RCE vuln based on Weblogic T3\IIOP protocol
POC Released
📊10.9K+ Services are found on the
🔗Hunter:
Dorks 👇👇👇
Hunter:/product.name="WebLogic Server"
FOFA: protocol="WebLogic"
Shodan:
🚨Alert🚨
CVE-2024-29415: Popular Node.js Package ‘node-ip’ Exposes Millions to Potential SSRF Attacks
⚠Widely-used node-ip npm package, which is designed to retrieve a computer’s IPv4 addresses, has been identified to contain a serious SSRF vulnerability.
📊35.6M+ Services are
🚨Alert🚨
CVE-2024-4577: PHP CGI Argument Injection Vulnerability
⚠This oversight allows unauthenticated attackers to bypass the previous protection of CVE-2012-1823 by specific character sequences. Arbitrary code can be executed on remote PHP servers through the argument
🚨Alert🚨PHP 8.1.0-dev Backdoor Remote Code Execution
📊22K+ Services are found on the
👇Search Query
Hunter: =="PHP" and product.version=="8.1.0"
🔗Hunter Link:
🧙♀️Deep Dive:
🚨Alert🚨CVE-2024-21762: Critical Fortinet FortiOS Out-of-Bound Write SSL VPN Vulnerability
⚠Fortinet released a security advisory for CVE-2024-21762. Bishop Fox analyzed the patch and developed a scanner to quickly determine if an appliance is affected by this vulnerability.
📊
🚨Alert🚨CVE-2024-3116: Remote Code Execution (RCE) in pgAdmin version 8.4 or below. (CVSS: 7.4)
⚠This vulnerability allows attackers to execute malicious code on servers running pgAdmin, potentially compromising the entire database system.
📊 1K+ Services are found on
🚨Alert🚨CVE-2023-20198: CISCO IOS XE RCE PoC Published by @W01fh4cker
🔥PoC:
⚠Now, hackers across the entire spectrum of skill levels can gain full control over vulnerable routers and switches with shocking ease.
📊204K+ Services are found on
🚨Alert🚨CVE-2024-4985 (CVSS 10): Critical Authentication Bypass Flaw Found in GitHub Enterprise Server
🔥PoC:
⚠It could allow attackers to bypass authentication and gain unauthorized access to sensitive code repositories and data.
📊248K+ Services are
🚨Alert🚨CVE-2024-28995: High-Severity Directory Traversal Vulnerability affecting SolarWinds Serv-U.
🔥Deep Dive from @rapid7:
⚠SolarWinds Serv-U was susceptible to a directory traversal vulnerability that would allow access to read sensitive files on
🚨Alert🚨CVE-2024-40725&&CVE-2024-40898, affecting Apache HTTP Server versions 2.4.0 through 2.4.61
📊363.8M+ Services are found on
🔗Hunter Link:
👇Search Query
Hunter:/product.name=="Apache" and product.version=="2.4.0"
FOFA:
🆕🆕🆕Deep dive in !!!!!CVE-2024-29059
📰Leaking ObjRefs to Exploit HTTP .NET Remoting:
📰Leaking and Exploiting ObjRefs via HTTP .NET Remoting
📊 154M+ Services are found on the
🚨Alert🚨CVE-2024-1071: WordPress Ultimate Member Plugin is under active attack!
⚠It manifests in versions 2.1.3 to 2.8.2 of the Ultimate Member plugin which can lead to the extraction of sensitive information from the database, including password hashes.
📊 522k+ Services are
🚨Alert🚨CVE-2024-23897 (CVSS 9.8): Critical Jenkins Security Vulnerability, RCE Possible
⚠A critical vulnerability within Jenkins’ built-in command line interface (CLI), opens the door to arbitrary file reads through the CLI, potentially culminating in remote code execution
🚨Alert🚨CVE-2024-4956: Nexus Repository Flaw Exposed, Software Supply Chains Threatened
⚠This vulnerability, discovered and responsibly reported by @erickfernandox, could allow attackers to access and download sensitive system files without authentication.
📊284K+ Services are
🚨Alert🚨CVE-2024-27497: Replace Your Linksys E2000 Router Now! There’s no fix in sight!
⚠A severe security flaw in the Linksys E2000 router lets hackers waltz right into your network.
📊 300+ Services are found on the
🔗Hunter Link:
🚨Alert🚨CVE-2024-36401 (CVSS 9.8): GeoServer Unauthenticated Remote Code Execution in Evaluating Property Name Expressions
🔥PoC:
📊6.4K+ Services are found on
🔗Hunter Link:
👇Search Query
Hunter:
🚨Alert🚨CVE-2024-21683 (CVSS 8.3): RCE (Remote Code Execution) in Confluence Data Center and Server
⚠It allows an authenticated attacker to execute arbitrary code which has a high impact on confidentiality, integrity, and availability, and requires no user interaction.
📊1.7M+
🚨Alert🚨CVE-2024-30043: Abusing URL Parsing Confusion to Exploit XXE on SharePoint Server And Cloud
🔥PoC:
⚠This XXE injection vulnerability, one of the craziest XXEs that @chudyPB has ever seen, allows you to:
·Read files with SharePoint Farm Service
🚨Alert🚨CVE-2024-22245 & 22250: VMware Vulnerabilities Demand Immediate Action
⚠VMware has released an urgent security advisory regarding two critical vulnerabilities within its now-deprecated Enhanced Authentication Plug-in (EAP).
📊 312.7K+ Services are found on the
🚨Alert🚨CVE-2024-27956(CVSS 9.9 🔥): A WordPress SQL injection vulnerability in the WP-Automatic plugin
⚠More than 5.5 million attacks in just one month! Attackers can gain unauthorized access to websites and potentially take full control of them.
📊6K+ Services are found on
🚨Alert🚨CVE-2024-21677: Atlassian Confluence Path Traversal Vulnerability (CVSS:8.3)
⚠ It allows an unauthenticated attacker to exploit an undefinable vulnerability which has a high impact on confidentiality and requires user interaction.
📊 684K+ Services are found on the
🚨Alert🚨CVE-2024-29212: Veeam RCE Vulnerability Exposes Data Protection Services to Risk
⚠An attacker could remotely execute malicious code on the VSPC server machine, leading to possible data breaches or disruption of data protection services.
📊177K+ Services are found on
🚨Alert🚨CVE-2023-52251, CVE-2024-32030: Remote code execution in UI for Apache Kafka
🔥PoC:
⚠ Kafka UI is affected by two RCE vulnerabilities. The first one in the message filtering component leads to execution of arbitrary unsandboxed Groovy script. The
🚨Alert🚨Atlassian Confluence CVE-2023-22527
RCE Vulnerability In Confluence Data Center and Confluence Server CVSS score:9.0
📊461k+ Services are found
Affected version: Atlassian Confluence Data Center and Server 8.0.x/ 8.1.x/8.2.x/8.3.x/8.4.x/8.5.0-8.5.3
🔗Hunter
🚨Alert🚨CVE-2024-2961: glibc Vulnerability Opens Door to PHP Attacks
⚠This vulnerability, which allows for out-of-bounds memory writes, could enable remote attackers to execute arbitrary code within the context of vulnerable PHP applications.
📊2.6K+ Services are found on
Today we are releasing Grafana 10.0.1, 9.5.5, 9.4.13, 9.3.16, 9.2.20, and 8.5.27, which include a critical security fix. If you are affected, we recommend that you install newly released versions.
🆕🆕🆕 Deep dive into the new RCE in Microsoft Outlook (CVE-2024-21378) from @ptswarm
⚠They've tested the new RCE in Microsoft Outlook (CVE-2024-21378) in a production environment and confirmed it works well! No back connect required!
A brief instruction for red teams:
1.
🚨Alert🚨CVE-2022-0412: Unauthenticated Blind SQL Injection in TI WooCommerce Wishlist WordPress plugin
⚠It is a time-based SQL injection but you can extract databases with just one command.
✈️sqlmap./py -r request./txt --dbs --random-agent --time-sec=12 --level=5 --risk=3
CVE-2022-0412 is time based sql injection but you can extract databases with this command
sqlmap./py -r request./txt --dbs --random-agent --time-sec=12 --level=5 --risk=3 --batch --flush-session
#bugbounty
#bugbountytips
🚨Alert🚨CVE-2024-2879: Critical Security Flaw Found in Popular LayerSlider WordPress Plugin (CVSS: 9.8)
⚠It could be abused to extract sensitive information from databases, such as password hashes.
📊 1.8M+ Services are found on the
🔗Hunter:
🚨Alert🚨CVE-2024-34750: Apache Tomcat DoS vulnerability in HTTP/2 connector
📊50.3K+ Services are found on
🔗Hunter Link:
👇Search Query
Hunter: web.title="Apache Tomcat/9.0.0"||web.title="Apache Tomcat/10.1.0"||web.title="Apache
🚨Alert🚨
CVE-2024-29973: Unauthorized command injection in Zyxel NAS devices!!
🔥PoC:
⚠This command injection vulnerability in the “setCookie” parameter in Zyxel NAS326 and NAS542 devices could allow an unauthenticated attacker to execute some OS
🚨Alert🚨CVE-2024-20767: Critical Adobe ColdFusion Flaw Exposes Sensitive Files, PoC Published
⚠ An attacker could bypass security measures, gain unauthorized access to sensitive files and perform arbitrary file system write!
📊 1.1K+ Services are found on the
🚨Alert🚨CVE-2024-5655(CVSS 9.6): Run pipelines as any user
🔗Hunter Link:
⚠This flaw allows attackers to trigger pipelines as another user under specific conditions, posing a significant security risk.
📊2.3M+ Services are found on
🚨Alert🚨CVE-2024-34470: An Unauthenticated Path Traversal vulnerability in HSC Mailinspector
📊180+ Services are found on
🔗Hunter Link:
📰Refer:
👇Query
Hunter: web.title=="..:: HSC MailInspector ::.."
CVE-2024-34470 on @fofabot
Many vulnerable Brazilian servers 🇧🇷
GET /mailinspector/public/loader.php?path=../../../../../../../etc/passwd
Query⚙️title=="..:: HSC MailInspector ::.."
Link🔗
🚨Alert🚨CVE-2023-41056: Redis Remote Code Execution Vulnerability
Redis may incorrectly handle resizing of memory buffers which can result in incorrect accounting of buffer sizes and lead to heap overflow and potential remote code execution.
📊 1.4M+ services are found on the
🚨Alert🚨CVE-2024-20356: A Command Injection vulnerability in Cisco's CIMC! Jailbreaking a Cisco appliance to run DOOM
🔥PoC:
📰Deep Dive:
📊 3K+ Services are found on
🔗Hunter Link:
🚨Alert🚨CVE-2024-31982: XWiki Remote code execution as guest via DatabaseSearch
🔥PoC and Bulk Scanner:
⚠XWiki's database search allows remote code execution through the search text. This allows remote code execution for any visitor of a public wiki or
🚨Alert🚨CVE-2024-4984: XSS on Yoast SEO plugin for WordPress
⚠Any user input inside sprintf() function is vulnerable to XSS, and there is a lot, even the WordPress core itself
📰Refer:
📰GitHub Advisory:
👇👇👇Hunter is currently
CVE-2024-4984: XSS on Yoast SEO plugin for WordPress, any user input inside sprintf() function is vulnerable to XSS, and there is a lot, even the WordPress core itself
#infosec
#bugbounty
#xss
🚨Alert🚨CVE-2023-52424: New WiFi Flaw Leaves All Devices Vulnerable to ‘SSID Confusion’ Attacks
⚠This vulnerability impacts all operating systems and WiFi clients!!!!! This flaw allows attackers to trick victims into connecting to a network with a spoofed SSID (network name),
Today, we published details of a new vulnerability arising from a design flaw in the IEEE 802.11 WiFi standard, identified in collaboration with renowned security expert @vanhoefm.
This vulnerability (CVE-2023-52424) impacts all operating systems and WiFi clients. (1/5)
🚨Alert🚨CVE-2024-37032: Probllama—Ollama Remote Code Execution Vulnerability
🔥PoC:
⚠The issue relates to a case of insufficient input validation that results in a path traversal flaw. An attacker could exploit to overwrite arbitrary files on the server
We found a Remote Code Execution (RCE) vulnerability in @Ollama - one of the most popular AI inference projects on GitHub. Here is everything you need to know about #Probllama (CVE-2024-37032) 🧵👇
🚨Hackers exploit Aiohttp bug to find vulnerable networks
⚠CVE-2024-23334 exploitation just requires sending a simple HTTP request to the server with the path to any sensitive file.
📊 For example: `curl -v --path-as-is 'GET' 'http://0.0.0.0:8000/static/../../etc/passwd`
🔗PoC:
🚨Alert🚨CVE-2024-23334: Aio-libs aiohttp could allow a remote attacker to send a specially crafted URL request to view arbitrary files, which leads to directory traversal vulnerabilities.
📊 7.8M+ Services are found on
🔗Hunter
🚨Alert🚨
CVE-2024-28254/28255: Auth Bypass and SpEL Injection in OpenMetadata lead to a critical RCE (OOB Data Exfiltration).
🔥PoC:
📊 4.9K+ Services are found on
🔗Hunter Link:
👇Query
Hunter:
🚨Alert🚨 CVE-2023-36934 Yet another critical SQL injection uncovered in #MOVEIt Transfer
💡
Dorks on other platforms:
1⃣Shodan: http.favicon.hash:989289239
2⃣FOFA: icon_hash="989289239"
Refer to:
#bugbountytips
#infosecurity
🚨Alert🚨CVE-2024-22233: A high-severity Spring Framework Vulnerability
⚠️This vulnerability allows an attacker to provide specially crafted HTTP requests that may cause a denial-of-service (DoS) condition.
📊35k+ Services are found on the
🚨Alert🚨CVE-2023-6317~6320: Researchers Discover LG Smart TV Vulnerabilities Allowing Root Access
⚠Multiple vulnerabilities have been disclosed in LG webOS running on its smart televisions that could be exploited to bypass authorization and gain root access on the devices.
📊
🕹️Alert CVE-2023-29489 0 Day cPanel XSS vulnerability
HUNTER Search Link 💡:
Dorks on other platforms:
1⃣Shodan: product:cPanel
2⃣FOFA: app="cPanel-MGMT-Products"
Refer to:
@assetnote
@pdnuclei
🚨Alert🚨 CVE-2023-35885 #CloudPanel Zero-Day vulnerability
🧷
👇🏻 Other Dorks 👇🏻
FOFA icon_hash="151132309"
Shodan http.favicon.hash:151132309
🧐 Check out a deep dive(☕️POC) on this
📌
#Infosys
#infosec
#informationsecurity
🚨Alert🚨CVE-2024-39884: Source Code Disclosure with Handlers Configured via AddType in Apache HTTP Server 2.4.60
📊9.5K+ Services are found on
🔗Hunter Link:
👇Search Query
Hunter: header="Apache/2.4.60"
SHODAN: Server:
🚨Alert🚨TeamViewer Exploited to Obtain Remote Access, Deploy Ransomware
⚠Researchers claim attackers exploit vulnerabilities in TeamViewer to gain initial access to victim devices and then deploy the aggressive LockBit ransomware, which encrypts critical files and demands
Today, I took a few minutes to analyze the #WordPress Automatic Plugin CVE-2024-27956 (Unauthenticated Arbitrary SQL Execution) #security #vulnerability. Turns out it is super easy to exploit.
Here is a basic PoC:
Since "q" is passed directly into a $wpdb->get_results() call,
🚨Alert🚨CVE-2024-6385 (CVSS: 9.6): GitLab Patches Critical Flaw Allowing Unauthorized Pipeline Jobs
⚖It's worth noting that the company patched a similar bug late last month (CVE-2024-5655) that could also be weaponized to run pipelines as other users.
📊2.4M+ Services are found
🚨Alert🚨Path Traversal Affecting Multiple CData Products!!!! CVE-2024-31848/31849/31850/31851
🔥PoC:
⚠The issue exists because of a combination of how the embedded Jetty server and CData servlets handle requests.
📊2.5K+ Services are found on
🚨Alert🚨CVE-2024-28890: Critical Forminator plugin flaw in WordPress sites!
⚠It may allow a remote attacker to upload malware on sites using the plugin.
📰Refer:
📊 149K+ Services are found on the
🔗Hunter Link:
🚨Alert🚨CVE-2024-23112: An authorization bypass through user-controlled key vulnerability [CWE-639] in FortiOS and FortiProxy
⚠ It may allow an authenticated malicious user to gain access to another user’s bookmark via URL manipulation.
📊 3M+ Services are found on