Search Results | AttackerKB

Show filters

Topics 3 Users 9,713

Clear All

Disclosure Date

Disclosure Year Disclosure Month

Collection Command and Control Credential Access Defense Evasion Discovery Execution Exfiltration Impact Initial Access Lateral Movement Persistence Privilege Escalation

3 Total Results

Displaying 1-3 of 3

Attacker Value

Unknown

CVE-2020-13486

Disclosure Date: May 25, 2020 (last updated February 21, 2025)

The Knock Knock plugin before 1.2.8 for Craft CMS allows malicious redirection.

Attack Vector: Network Privileges: None User Interaction: Required

0

Attacker Value

Unknown

CVE-2020-13485

Disclosure Date: May 25, 2020 (last updated February 21, 2025)

The Knock Knock plugin before 1.2.8 for Craft CMS allows IP Whitelist bypass via an X-Forwarded-For HTTP header.

Attack Vector: Network Privileges: None User Interaction: None

0

Attacker Value

Unknown

CVE-2018-10404

Disclosure Date: June 13, 2018 (last updated November 26, 2024)

An issue was discovered in Objective-See KnockKnock, LuLu, TaskExplorer, WhatsYourSign, and procInfo. A maliciously crafted Universal/fat binary can evade third-party code signing checks. By not completing full inspection of the Universal/fat binary, the user of the third-party tool will believe that the code is signed by Apple, but the malicious unsigned code will execute.

0