Aggregator

A vulnerability was found in Zammad 3.0/3.1/3.2. It has been declared as problematic. This vulnerability affects unknown code of the component File Upload. The manipulation leads to cross site scripting. This vulnerability was named CVE-2020-10103. The attack can be initiated remotely. There is no exploit available.

A vulnerability was found in ZendTo up to 5.22-1. It has been classified as problematic. This affects an unknown part. The manipulation leads to cross site scripting (Reflected). This vulnerability is uniquely identified as CVE-2020-8985. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

Adaptix is an extensible post-exploitation and adversarial emulation framework made for penetration testers. The Adaptix server is written in Golang and to allow operator flexibility. The GUI Client is written in C++ QT, allowing...

The post AdaptixC2: post-exploitation and adversarial emulation framework appeared first on Penetration Testing Tools.

A vulnerability classified as critical has been found in Brainstorm Force SureTriggers Plugin up to 1.0.82 on WordPress. Affected is an unknown function. The manipulation leads to incorrect privilege assignment. This vulnerability is traded as CVE-2025-27007. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

Aftermath Aftermath is a Swift-based, open-source incident response framework. Aftermath can be leveraged by defenders in order to collect and subsequently analyze the data from the compromised host. Aftermath can be deployed from an...

The post aftermath: Swift-based, open-source macOS incident response framework appeared first on Penetration Testing Tools.

交换机技术引领车路云一体化系统智能升级！

交换机技术引领车路云一体化系统智能升级！

Get a sneak peak into how Trend Micro's Pwn2Own Berlin 2025 is breaking new ground, focusing on AI infrastructure and finding the bugs to proactively safeguard the future of computing.

RDPGuard 9.9.9 - Privilege Escalation

Kentico Xperience 13.0.178 - Cross Site Scripting (XSS)

WordPress Frontend Login and Registration Blocks Plugin 1.0.7 - Privilege Escalation

TP-Link VN020 F3v(T) TT_V6.2.1021) - DHCP Stack Buffer Overflow

Trend™ Research discusses the evolving tradecraft of threat actor Earth Ammit, proven by the advanced toolset used in its TIDRONE and VENOM campaigns that targeted the drone supply chain.