Be careful with your information.
TNT Sécurité
BurpSuite_Pro_Script
Posted on 22 May 2025 at 7:19 pm by TNT Sécurité
Script
TNT Hacking World
Recent posts
How to install SilverBullet Pro 1.5.8
How hackers use OpenBullet 2 to access your accounts.
How to install/configure OpenBullet 2
How hackers create combo lists
Burp Suite Pro 2025
Microsoft Office Pro 2024 LTSC
Evil Portal to send a payload to a client.
How to bypass Microsoft Defender and establish a Meterpreter session with persistence.
Download the Windows 11 ISO
Office 2021 Pro LTSC
Exploit Database
Common Vulnerability Database
CVE-2026-53946
24 June 2026
Medium Severity. Description: Ghost is a Node.js content management system. From 6.19.4 until 6.21.1, when re-rendering posts, Ghost would refetch missing image dimensions by issuing an outbound HTTP request to the URL stored on an image card — without restricting that URL to trusted image hosts. An authenticated staff user able to create or edit […]
CVE-2026-53947
24 June 2026
Medium Severity. Description: Ghost is a Node.js content management system. From 5.18.0 until 6.21.1, a discrepancy in responses from the members signin endpoints made it possible for an unauthenticated attacker to determine whether a given email address belongs to a registered member of a Ghost site. This vulnerability is fixed in 6.21.1. Read more at […]
CVE-2026-53945
24 June 2026
Medium Severity. Description: Ghost is a Node.js content management system. From 6.0.9 until 6.21.1, Ghost’s private-IP check for outbound HTTP requests could be bypassed via DNS rebinding, allowing an attacker to coerce the Ghost server into reaching hosts on internal networks through features that issue external fetches. This vulnerability is fixed in 6.21.1. Read more […]
CVE-2026-53948
24 June 2026
Medium Severity. Description: Ghost is a Node.js content management system. From 6.19.4 until 6.21.1, insufficient validation of the client-supplied Content-Type on Ghost's Admin API file upload endpoint allowed uploaded files to be served from the site with an attacker-chosen content type on S3/GCS storage backends. On installations that serve uploaded files from the same origin […]
CVE-2026-53949
24 June 2026
Medium Severity. Description: Ghost is a Node.js content management system. From 5.46.1 until 6.21.2, the validation applied to filters on the public API endpoints could be partially bypassed, making it possible to reveal private fields via a brute force attack. If SQLite was used as the database, password hashes were fully accessible. If MySQL was […]
Bugtraq
OpenBSD mpls_do_error: Remote Kernel Stack Disclosure via MPLS Label Stack Over-read
21 June 2026
Posted by shj on Jun 20
OpenBSD mpls_do_error: Remote Kernel Stack Disclosure via MPLS Label Stack Over-read
Affected: OpenBSD -current prior to 2026-06-18 (fixed in -current)
Vendor: OpenBSD
Severity: Medium
Reporter: Argus Systems
Date: 2026-06-12
CVE: CVE-2026-56099
1. SUMMARY
The...
OpenBSD sppp_pap_input: PAP authentication bypass
21 June 2026
Posted by shj on Jun 20
OpenBSD sppp_pap_input: PAP Authentication Bypass via Zero-Length bcmp
Affected: OpenBSD all versions through 7.6 (fixed in -current)
Vendor: OpenBSD
Severity: High
Reporter: Argus
Date: 2026-06-16
1. SUMMARY
The sppp_pap_input() function in sys/net/if_spppsubr.c uses...
SEC Consult SA-20260618-0 :: Hardcoded Root Cloud Credentials in Application Binaries in Silver Leaf Technologies - Worksnaps.net Worksnaps
21 June 2026
Posted by SEC Consult Vulnerability Lab via Fulldisclosure on Jun 20
SEC Consult Vulnerability Lab Security Advisory < 20260618-0 >
title: Hardcoded Root Cloud Credentials in Application Binaries
product: Silver Leaf Technologies - Worksnaps.net Worksnaps
vulnerable version:
SEC Consult SA-20260617-1 :: Multiple Vulnerabilities in Quanos Content Solutions - SCHEMA ST4
21 June 2026
Posted by SEC Consult Vulnerability Lab via Fulldisclosure on Jun 20
SEC Consult Vulnerability Lab Security Advisory < 20260617-1 >
title: Multiple Vulnerabilities
product: Quanos Content Solutions - SCHEMA ST4
vulnerable version: All versions of SCHEMA ST4 on-premises
fixed version: Not applicable, see workaround section for mitigation. […]
SEC Consult SA-20260617-0 :: Multiple Critical Vulnerabilities in Sprecher Automation SPRECON-E-C/-E-P/-E-T3
21 June 2026
Posted by SEC Consult Vulnerability Lab via Fulldisclosure on Jun 20
SEC Consult Vulnerability Lab Security Advisory < 20260617-0 >
title: Multiple Critical Vulnerabilities
product: Sprecher Automation SPRECON-E-C/-E-P/-E-T3
vulnerable version: See vulnerable versions below
fixed version: See solution section below
CVE number: CVE-2022-4333, CVE-2022-4332, CVE-2025-41741, ...