Cracking – TNT Sécurité

← Articles plus anciens

Archives du Blog blog
10K+ Configs OB2, SVB

Posté dans 3 juillet 2025 2:43 pm par TNT Sécurité

Config Cracking
SilverBullet Pro 1.5.8

Posté dans 2 juillet 2025 11:18 am par TNT Sécurité

Cracking
SilverBullet 1.1.4

Posté dans 2 juillet 2025 10:54 am par TNT Sécurité

Cracking
OpenBullet

Posté dans 2 juillet 2025 10:43 am par TNT Sécurité

Cracking
Swiss Army Suite (SAS)

Posté dans 2 juillet 2025 9:09 am par TNT Sécurité

Cracking Logiciels divers
Mango Keywords 3.4.1

Posté dans 2 juillet 2025 8:56 am par TNT Sécurité

Cracking Logiciels divers
Environment.ini config file

Posté dans 29 mai 2025 2:23 pm par TNT Sécurité

Config Cracking
Dork Searcher V3

Posté dans 21 mai 2025 1:10 pm par TNT Sécurité

Cracking Logiciels divers
Dorking E-Book

Posté dans 21 mai 2025 10:04 am par TNT Sécurité

Cracking Document
Magic Dork V3.4.5

Posté dans 21 mai 2025 8:56 am par TNT Sécurité

Cracking Logiciels divers

Outils

Swiss Army Suite (SAS) | 9.35 MB

Télécharger

Mango Keywords 3.4.1 | 25.26 MB

Télécharger

Dork Searcher V3 | 64.46 MB

Télécharger

Magic Dork V3.4.5 | 14.59 MB

Télécharger

SQLi Dorks Generator | 1.62 MB

Télécharger

SQLi Dumper 10.5 | 31.46 KB

Télécharger

Scan Now UPnP | 5.91 MB

ScanNowUPnP

CVE-2026-1126 18 janvier 2026

Medium Severity Description A security vulnerability has been detected in lwj flow up to a3d2fe8133db9d3b50fda4f66f68634640344641. This affects the function uploadFile of the file \flow-master\flow-front-rest\src\main\java\com\dragon\flow\web\resource\flow\FormResource.java of the component SVG File Handler. The manipulation of the argument File leads to unrestricted upload. The attack is possible to be carried out remotely. The exploit has been disclosed publicly […]

CVE-2026-0863 18 janvier 2026

High Severity Description Using string formatting and exception handling, an attacker may bypass n8n's python-task-executor sandbox restrictions and run arbitrary unrestricted Python code in the underlying operating system. The vulnerability can be exploited via the Code block by an authenticated user with basic permissions and can lead to a full n8n instance takeover on instances […]

CVE-2026-1124 18 janvier 2026

Medium Severity Description A security flaw has been discovered in Yonyou KSOA 9.0. Affected by this vulnerability is an unknown functionality of the file /worksheet/work_report.jsp of the component HTTP GET Parameter Handler. Performing a manipulation of the argument ID results in sql injection. Remote exploitation of the attack is possible. The exploit has been released […]

CVE-2026-1125 18 janvier 2026

Medium Severity Description A weakness has been identified in D-Link DIR-823X 250416. Affected by this issue is the function sub_412E7C of the file /goform/set_wifidog_settings. Executing a manipulation of the argument wd_enable can lead to command injection. The attack can be executed remotely. The exploit has been made available to the public and could be used […]

CVE-2026-1123 18 janvier 2026

Medium Severity Description A vulnerability was identified in Yonyou KSOA 9.0. Affected is an unknown function of the file /worksheet/work_mod.jsp of the component HTTP GET Parameter Handler. Such manipulation of the argument ID leads to sql injection. The attack may be launched remotely. The exploit is publicly available and might be used. The vendor was […]

[REVIVE-SA-2026-001] Revive Adserver Vulnerabilities 15 janvier 2026

Posted by Matteo Beccati on Jan 14======================================================================== Revive Adserver Security Advisory REVIVE-SA-2026-001 ------------------------------------------------------------------------ https://www.revive-adserver.com/security/revive-sa-2026-001 ------------------------------------------------------------------------ Date: 2026-01-14 Risk Level: High Applications affected: Revive...

Defense in depth -- the Microsoft way (part 95): the (shared) "Start Menu" is dispensable 11 janvier 2026

Posted by Stefan Kanthak via Fulldisclosure on Jan 10Hi @ll, the following is a condensed form of and . Windows Vista moved the shared start menu from "%ALLUSERSPROFILE%\Start Menu\" to "%ProgramData%\Microsoft\Windows\Start Menu\", with some shortcuts (*.lnk) "reflected" from the (immutable) component store below %SystemRoot%\WinSxS\ JFTR:...

Re: Multiple Security Misconfigurations and Customer Enumeration Exposure in Convercent Whistleblowing Platform (EQS Group) 11 janvier 2026

Posted by Art Manion via Fulldisclosure on Jan 10Hi, CVE IDs *can* be assigned for SaaS or similarly "cloud only" software. For a period of time, there was a restriction that only the provider could make or request such an assignment. But the current CVE rules remove this restriction: 4.2.3 CNAs MUST NOT consider the […]

RIOT OS 2026.01-devel-317 Stack-Based Buffer Overflow in RIOT ethos Serial Frame Parser 11 janvier 2026

Posted by Ron E on Jan 10A stack-based buffer overflow vulnerability exists in the RIOT OS ethos utility due to missing bounds checking when processing incoming serial frame data. The vulnerability occurs in the _handle_char() function, where incoming frame bytes are appended to a fixed-size stack buffer (serial->frame) without verifying that the current write index […]

RIOT OS 2026.01-devel-317 Stack-Based Buffer Overflow in tapslip6 Utility via Unbounded Device Path Construction 11 janvier 2026

Posted by Ron E on Jan 10A stack-based buffer overflow vulnerability exists in the tapslip6 utility distributed with RIOT OS (and derived from the legacy uIP/Contiki networking tools). The vulnerability is caused by unsafe string concatenation in the devopen() function, which constructs a device path using unbounded user-controlled input. Specifically, tapslip6 uses strcpy() and strcat() […]