OX App Suite 7.10.6 Cross Site Scripting / Deserialization Issue – Torchsec
April 11th, 2024 | ๐
TTS Dear subscribers, We're sharing our latest advisory with you and like to thank everyone who contributed in finding and
Browsing the "deserialization" Tag
Artica Proxy Unauthenticated PHP Deserialization – Torchsec
March 27th, 2024 | ๐
https://www.ispeech.org/text.to.speech ### This module requires Metasploit: https://metasploit.com/download# Current source: https://github.com/rapid7/metasploit-framework## class MetasploitModule < Msf::Exploit::RemoteRank = ExcellentRanking include Msf::Exploit::Remote::HttpClientinclude Msf::Exploit::CmdStagerinclude Msf::Exploit::FileDropperprepend
Gibbon LMS 26.0.00 PHP Deserialization / Code Execution – Torchsec
March 20th, 2024 | ๐
https://www.ispeech.org/text.to.speech # Exploit Title: Gibbon LMS has a PHP Deserialization vulnerability on the v26.0.00 version# Date: 22.01.2024# Exploit Author: SecondX.io
Artica Proxy 4.50 Unauthenticated PHP Deserialization – Torchsec
March 7th, 2024 | ๐
https://www.ispeech.org/text.to.speech KL-001-2024-002: Artica Proxy Unauthenticated PHP Deserialization Vulnerability Title: Artica Proxy Unauthenticated PHP Deserialization VulnerabilityAdvisory ID: KL-001-2024-002Publication Date: 2024.03.05Publication URL:
AjaxPro Deserialization Remote Code Execution – Torchsec
November 14th, 2023 | ๐
iSpeech ### This module requires Metasploit: https://metasploit.com/download# Current source: https://github.com/rapid7/metasploit-framework## class MetasploitModule < Msf::Exploit::Remote Rank = ExcellentRanking prepend Msf::Exploit::Remote::AutoCheckinclude Msf::Exploit::Remote::HttpClientinclude
PyTorch Model Server Registration / Deserialization Remote Code Execution – Torchsec
October 13th, 2023 | ๐
Text to Speech Demo ### This module requires Metasploit: https://metasploit.com/download# Current source: https://github.com/rapid7/metasploit-framework## require 'rex/zip' class MetasploitModule < Msf::Exploit::RemoteRank =
Greenshot 1.3.274 Deserialization / Command Execution – Torchsec
August 17th, 2023 | ๐
iSpeech.org ### This module requires Metasploit: https://metasploit.com/download# Current source: https://github.com/rapid7/metasploit-framework## class MetasploitModule < Msf::Exploit::RemoteRank = ExcellentRanking include Msf::Exploit::FILEFORMATinclude Msf::Post::File def
Coalfire Blog – Exploiting Blind Java Deserialization with Burp and Ysoserial
February 23rd, 2023 | ๐
https://www.ispeech.org While performing a web application penetration test, I stumbled upon a parameter with some base64 encoded data within a
GitLab GitHub Repo Import Deserialization Remote Code Execution – Torchsec
February 16th, 2023 | ๐
Powered by iSpeech ### This module requires Metasploit: https://metasploit.com/download# Current source: https://github.com/rapid7/metasploit-framework## class MetasploitModule < Msf::Exploit::RemoteRank = ExcellentRanking prepend Msf::Exploit::Remote::AutoCheck
Fortra GoAnywhere MFT Unsafe Deserialization Remote Code Execution – Torchsec
February 9th, 2023 | ๐
iSpeech ### This module requires Metasploit: https://metasploit.com/download# Current source: https://github.com/rapid7/metasploit-framework## class MetasploitModule < Msf::Exploit::Remote Rank = ExcellentRanking include Msf::Exploit::Remote::HttpClientinclude Msf::Exploit::JavaDeserialization
Zoho Password Manager Pro XML-RPC Java Deserialization – Torchsec
August 3rd, 2022 | ๐
TTS ### This module requires Metasploit: https://metasploit.com/download# Current source: https://github.com/rapid7/metasploit-framework## class MetasploitModule < Msf::Exploit::Remote Rank = ExcellentRanking prepend Msf::Exploit::Remote::AutoCheckinclude Msf::Exploit::Remote::HttpClientinclude
Chrome PaintImage Deserialization Out-Of-Bounds Read
July 11th, 2022 | ๐
Text to Speech VoicesThe code in cc::PaintImageReader::Read (cc::PaintImage*) does not properly check the incoming data when handling embedded image data,
Gentics CMS 5.36.29 Cross Site Scripting / Deserialization – Torchsec
June 21st, 2022 | ๐
iSpeech.org SEC Consult Vulnerability Lab Security Advisory < 20220608-0 >=======================================================================title: Stored Cross-Site Scripting & Unsafe Java Deserializiationproduct: Gentics CMSvulnerable version:
OpenCart So Listing Tabs 2.2.0 Unsafe Deserialization – Torchsec
May 18th, 2022 | ๐
iSpeech.org -] Affected Versions: Version 2.2.0 is affected, and prior versions are likely affected too. -] Vulnerabilities Description: Vulnerable component
-
Donate Via Wallets
-
MetaMask -
Trust Wallet -
Binance Wallet -
WalletConnect
-
-
Popular
Debian Security Advisory 5664-1 – Torchsec April 18, 2024 -----BEGIN PGP SIGNED MESSAGE-----Hash: SHA512- -------------------------------------------------------------------------Debian Security Advisory DSA-5664-1 security@debian.orghttps://www.debian.org/security/… (10)
Hackers Exploiting WP-Automatic Plugin Bug to Create… April 26, 2024 ๎ Apr 26, 2024๎ NewsroomThreat Intelligence / Cyber Attack Threat actors are… (9)- MinIO Privilege Escalation – Torchsec April 13, 2024 # Exploit Title: MinIO < 2024-01-31T20-20-33Z - Privilege Escalation# Date:… (7)
- Red Hat Security Advisory 2024-2049-03 – Torchsec May 4, 2024 The following advisory data is extracted from:https://access.redhat.com/security/data/csaf/v2/advisories/2024/rhsa-2024_2049.jsonRed Hat officially shut… (7)
๐ฅMembers
-
๐ Forum Groups
-
linktr.ee/obewyn
Gloss