Skip to content

@afine-com afine.com

Change the repository type filter

All

    Repositories list

    17 repositories

    • research

      Public
      CVEs, conference materials, research.
      0800Updated Jan 8, 2025Jan 8, 2025

    • Full-Path-Disclosure-Passive-Scanner

      Public
      FPD Scanner is a Burp Suite extension that passively scans HTTP responses for full path disclosure (FPD) vulnerabilities. It highlights paths that could expose sensitive information about a server's file structure, such as file paths in Windows and Unix/Linux environments.
      Python
      0000Updated Sep 9, 2024Sep 9, 2024

    • CVE-2024-5737

      Public
      AdmirorFrames Joomla! Extension < 5.0 - HTML Injection
      0000Updated Jun 28, 2024Jun 28, 2024

    • CVE-2024-5736

      Public
      AdmirorFrames Joomla! Extension < 5.0 - Server-Side Request Forgery
      GNU General Public License v3.0
      0000Updated Jun 28, 2024Jun 28, 2024

    • CVE-2024-5735

      Public
      AdmirorFrames Joomla! Extension < 5.0 - Full Path Disclosure
      0000Updated Jun 28, 2024Jun 28, 2024

    • CVE-2018-25031

      Public
      .json and .yaml files used to exploit CVE-2018-25031
      11201Updated Apr 5, 2024Apr 5, 2024

    • CVE-2024-24816

      Public
      CKEditor 4 < 4.24.0-lts - XSS vulnerability in samples that use the "preview" feature.
      GNU General Public License v3.0
      2200Updated Feb 10, 2024Feb 10, 2024

    • CVE-2023-45184

      Public
      IBM i Access Client Solution < 1.1.9.4 - Local server broken access control.
      Python
      GNU General Public License v3.0
      0000Updated Jan 26, 2024Jan 26, 2024

    • CVE-2023-45182

      Public
      IBM i Access Client Solutions < 1.1.9.4 - Weak password encryption
      Java
      GNU General Public License v3.0
      0000Updated Jan 26, 2024Jan 26, 2024

    • CVE-2023-45185

      Public
      IBM i Access Client Solutions < 1.1.9.4 - Remote code execution via insecure deserialisation
      GNU General Public License v3.0
      0000Updated Jan 24, 2024Jan 24, 2024

    • CVE-2023-39062

      Public
      Spipu Html2Pdf < 5.2.8 - XSS vulnerabilities in example files
      GNU General Public License v3.0
      0000Updated Aug 26, 2023Aug 26, 2023

    • CVE-2023-35840

      Public
      elFinder < 2.1.62 - Path Traversal vulnerability in PHP LocalVolumeDriver connector
      GNU General Public License v3.0
      1200Updated Jun 22, 2023Jun 22, 2023

    • CVE-2022-35500

      Public
      Stored Cross-site Scripting (XSS) in leave comment functionality in Amasty Blog Pro for Magento 2
      0100Updated Oct 24, 2022Oct 24, 2022

    • CVE-2022-35501

      Public
      Stored Cross-site Scripting (XSS) in blog-post creation functionality in Amasty Blog Pro for Magento 2
      0100Updated Oct 24, 2022Oct 24, 2022

    • CVE-2022-36433

      Public
      Cross-site Scripting (XSS) in blog-post creation functionality in Amasty Blog Pro for Magento 2
      0100Updated Oct 24, 2022Oct 24, 2022

    • CVE-2022-36432

      Public
      Cross-site Scripting (XSS) in Preview functionality in Amasty Blog Pro for Magento 2
      0100Updated Oct 24, 2022Oct 24, 2022

    • collaborator-everywhere-with-ip-support

      Public
      Collaborator Everywhere fork which supports IP addresses instead of domain names. Useful for testing inside internal networks. A Burp Suite Pro extension which augments your proxy traffic by injecting non-invasive headers designed to reveal backend systems by causing pingbacks to Burp Collaborator.
      Java
      98400Updated May 19, 2022May 19, 2022