Alfred Berg
Security Researcher
New tests released based on submissions by our Detectify Crowdsource hackers:
- CVE-2024-34102: Adobe Commerce & Magento XXE
- CVE-2024-4956: Nexus Repository Manager Local File Inclusion
- CVE-2024-4577: PHP Remote Code Execution
- CVE-2024-32640: Mura CMS SQL Injection
- CVE-2024-28995: SolarWinds Serv-U Path Traversal
- CVE-2024-24919: Check Point Arbitrary File Read
- CVE-2023-43472: MLflow Sensitive Information Disclosure
- CVE-2023-43208: NextGen Healthcare Mirth Connect RCE
- CVE-2023-37679: NextGen Healthcare Mirth Connect RCE
- CVE-2023-2227: Modoboa Authentication Bypass
- Visual Studio Code Slnx.SQLite File Disclosure
- Poste.io Installer Exposure
- Forgejo Installer Exposure
- Content-Security-Policy Bypass via MediaWiki
- Cacti Log File Exposure
- Sophos Firewall Installer Exposure
- Trilium Installer Exposure
- Content-Security-Policy Bypass via VK
- Content-Security-Policy Bypass via Yahoo
- Axigen Installer Exposure
- Octoprint Installer Exposure
Improved tests to reduce false negatives:
- RabbitMQ Default Credentials