Akamai researcher Tomer Peled has uncovered a concerning design flaw within Kubernetes’ git-sync project. This flaw could potentially enable attackers to execute commands or exfiltrate sensitive data, including service account...
Netgear, a leading provider of networking hardware, has issued a security advisory urging users to update the firmware on several of its popular product models. The advisory addresses a range...
QNAP has issued a critical security advisory regarding multiple vulnerabilities impacting their NAS software solutions. These vulnerabilities, if left unaddressed, could provide attackers with various avenues for compromising affected devices....
Electron_shell An increasing number of desktop applications are opting for the Electron framework. Electron provides a method that can be debugged, usually by utilizing Chrome’s inspect function or calling inspect...
Commix (short for [comm]and [i]njection e[x]ploiter) is an automated tool written by Anastasios Stasinopoulos (@ancst) that can be used by web developers, penetration testers or even security researchers in order...
NodeJS Debugger Command Injection /exploits/multi/misc/nodejs_v8_debugger.rb Metasploit module This module uses the “evaluate” request type of the NodeJS V8 debugger protocol (version 1) to evaluate arbitrary JS and call out to...
SHELLING – a comprehensive OS command injection payload generator – now also available as a Burp Plugin What is SHELLING? This tool is a customizable payload generator, suitable for detecting...
Command injection occurs when maliciously crafted parameters break the intended structure of a command, so that malicious commands are executed. PHP command...