new tests
September 16, 2024
Now testing for the following vulnerabilities
New tests released based on submissions by our Detectify Crowdsource hackers:
- CVE-2024-8181: Flowise Authentication Bypass
- CVE-2024-7928: FastAdmin Path Traversal
- CVE-2024-5217: ServiceNow Incomplete Input Validation in GlideExpression Script
- CVE-2024-4882: Sitefinity Open Redirect
- CVE-2024-4879: ServiceNow Jelly Template Injection Vulnerability in ServiceNow UI Macros
- CVE-2024-38475: Apache HTTP Server Improper escaping of output in mod_rewrite
- CVE-2024-37843: CraftCMS SQL Injection
- CVE-2024-2389: Progress Flowmon RCE
- CVE-2024-23692: Rejetto HTTP File Server Remote Code Execution
- CVE-2023-48022: Ray SSRF
- Homebridge Unfinished Install
- Laragon PHP Info Disclosure
- NGINX REST API Unauthorised Access
- Owncast Default Credentials
- Plone Default Credentials
- WampServer PHP Info Disclosure
- WordPress Plugin "WPS Hide Login" Bypass
Improved finding information:
- CVE-2024-31621: Flowise Authentication Bypass
Thanks for your feedback