The Node.js project has released an urgent security update addressing a critical command injection vulnerability (CVE-2024-27980) on Windows systems. Even with ‘shell’ options disabled, this flaw could allow attackers to...
Recently, researchers at Kaspersky Labs uncovered a new breed of banking Trojans dubbed “Coyote.” Unlike its predecessors, Coyote employs a cunning blend of cutting-edge technologies and innovative distribution tactics to...
Exploitation / Network PenTest
by do son · Published October 21, 2017 · Last modified November 4, 2024
NodeJS Debugger Command Injection /exploits/multi/misc/nodejs_v8_debugger.rb Metasploit module This module uses the “evaluate” request type of the NodeJS V8 debugger protocol (version 1) to evaluate arbitrary JS and call out to...
In order to facilitate intuitive browsing and get some files from the web server, this time you can try to use the system to support the python, php or ruby...
Support Securityonline.info site. Thanks!
CVE-2024-42057: Exploited by Helldown Ransomware to Target Linux
November 19, 2024
