{"vulnerability": "GHSA-FR5H-RQP8-MJ6G", "sightings": [{"uuid": "9c88f825-bd41-43e3-b134-e625f734302f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "GHSA-FR5H-RQP8-MJ6G", "type": "published-proof-of-concept", "source": "https://t.me/hackingbra/126", "content": "\ud83d\udea8Alert\ud83d\udea8CVE-2024-34351:Next.js Server-Side Request Forgery in Server Actions\n\ud83d\udd25PoC: https://www.assetnote.io/resources/research/digging-for-ssrf-in-nextjs-apps#/ \n\u26a0A SSRF vulnerability was identified in Next.js Server Actions by security researchers at Assetnote. If the Host header is modified, and the below conditions are also met, an attacker may be able to make requests that appear to be originating from the Next.js application server itself.\n\ud83d\udcca3.1M+ Services are found on  hunter.how\n\ud83d\udd17Hunter Link: https://hunter.how/list?searchValue=product.name%3D%22Next.js%22 \n\ud83d\udcf0Refer: https://github.com/advisories/GHSA-fr5h-rqp8-mj6g \nHunter:/product.name=\"Next.js\"\nFOFA:app=\"Next.js\"\nSHODAN:http.component:\"Next.js\"", "creation_timestamp": "2024-05-10T12:42:38.000000Z"}, {"uuid": "fc0b106a-60c5-48e7-8989-8a65201265e0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "GHSA-FR5H-RQP8-MJ6G", "type": "published-proof-of-concept", "source": "https://t.me/CyberDilara/158", "content": "Tools - Hackers Factory\n\nIt creates a livedump of the machine through NtDebugSystemControl to extract the COM secret and context, to then inject inside this process.\n\nhttps://github.com/Slowerzs/PPLSystem\n\nAgentic LLM Vulnerability Scanner \n\nhttps://github.com/msoedov/agentic_security\n\nA Chrome/Firefox browser extension to show alerts for reflected query params, show Wayback archive links for the current path, show hidden elements and enable disabled elements. \n\nhttps://github.com/msoedov/agentic_security\n\nPowerful+Fast Kubernetes service discovery tools via kubernetes DNS service. Currently supported service ip-port BruteForcing / AXFR Domain Transfer Dump / Coredns WildCard Dump \n\nhttps://github.com/Esonhugh/k8spider\n\nHTTP 403 bypass tool \n\nhttps://github.com/trap-bytes/403jump\n\n\nMOBEXLER - A Mobile Application Penetration Testing Platform\n\nhttps://github.com/enciphers-team/Mobexler/blob/master/docs/index.md\n\nA library for detecting known secrets across many web frameworks \n\nhttps://github.com/blacklanternsecurity/badsecrets\n\nThe Yoast SEO plugin for WordPress is vulnerable to... \n\nhttps://github.com/advisories/GHSA-3733-6v6m-39mh\n\nServer-Side Request Forgery in Server Actions \n\nhttps://github.com/vercel/next.js/security/advisories/GHSA-fr5h-rqp8-mj6g\n\nFuzz 401/403/404 pages for bypasses \n\nhttps://github.com/intrudir/BypassFuzzer\n\nAn interactive shell to spoof some LOLBins command line \n\nhttps://github.com/itaymigdal/LOLSpoof\n\nFully customisable, offensive security reporting solution designed for pentesters, red teamers and other security-related people alike. \n\nhttps://github.com/Syslifters/sysreptor\n\n#HackersFactory", "creation_timestamp": "2024-06-17T14:07:45.000000Z"}, {"uuid": "68c8561a-8a7c-4353-ba1e-6559645cb827", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "GHSA-FR5H-RQP8-MJ6G", "type": "published-proof-of-concept", "source": "https://t.me/CyberDilara/155", "content": "Tools - Hackers Factory\n\nCross Site Scripting ( XSS ) Vulnerability Payload List \n\nhttps://github.com/payloadbox/xss-payload-list\n\nYARA detection rule for CVE-2024-4367 arbitrary javascript execution in PDF.js \n\nhttps://github.com/spaceraccoon/detect-cve-2024-4367\n\nThe Prime Cross Site Request Forgery (CSRF) Audit and Exploitation Toolkit. \n\nhttps://github.com/0xInfection/XSRFProbe\n\nhttps://github.com/blacklanternsecurity/badsecrets\n\nAutomation for javascript recon in bug bounty. \n\nhttps://github.com/KathanP19/JSFScan.sh\n\nTempMail is a simple web application that allows you to generate temporary email addresses and view the emails received by these addresses. \n\nhttps://github.com/mehmetkahya0/temp-mail \n\nThis Repositories contains list of One Liners with Descriptions and Installation requirements \n\nhttps://github.com/thecybertix/One-Liner-Collections\n\nAutomatic SSRF fuzzer and exploitation tool \n\nhttps://github.com/swisskyrepo/SSRFmap\n\nA tool to fastly get all javascript sources/files \n\nhttps://github.com/003random/getJS\n\nServer-Side Request Forgery in Server Actions \n\nhttps://github.com/vercel/next.js/security/advisories/GHSA-fr5h-rqp8-mj6g\n\nInQL is a robust, open-source Burp Suite extension for advanced GraphQL testing, offering intuitive vulnerability detection, customizable scans, and seamless Burp integration. \n\nhttps://github.com/doyensec/inql\n\n#HackersFactory", "creation_timestamp": "2024-06-17T14:00:55.000000Z"}, {"uuid": "ba84acce-3840-4e31-8232-1541ac9f79de", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "GHSA-FR5H-RQP8-MJ6G", "type": "published-proof-of-concept", "source": "https://t.me/lcmysecteamch/4430", "content": "Tools - Hackers Factory\n\nCross Site Scripting ( XSS ) Vulnerability Payload List \n\nhttps://github.com/payloadbox/xss-payload-list\n\nYARA detection rule for CVE-2024-4367 arbitrary javascript execution in PDF.js \n\nhttps://github.com/spaceraccoon/detect-cve-2024-4367\n\nThe Prime Cross Site Request Forgery (CSRF) Audit and Exploitation Toolkit. \n\nhttps://github.com/0xInfection/XSRFProbe\n\nhttps://github.com/blacklanternsecurity/badsecrets\n\nAutomation for javascript recon in bug bounty. \n\nhttps://github.com/KathanP19/JSFScan.sh\n\nTempMail is a simple web application that allows you to generate temporary email addresses and view the emails received by these addresses. \n\nhttps://github.com/mehmetkahya0/temp-mail \n\nThis Repositories contains list of One Liners with Descriptions and Installation requirements \n\nhttps://github.com/thecybertix/One-Liner-Collections\n\nAutomatic SSRF fuzzer and exploitation tool \n\nhttps://github.com/swisskyrepo/SSRFmap\n\nA tool to fastly get all javascript sources/files \n\nhttps://github.com/003random/getJS\n\nServer-Side Request Forgery in Server Actions \n\nhttps://github.com/vercel/next.js/security/advisories/GHSA-fr5h-rqp8-mj6g\n\nInQL is a robust, open-source Burp Suite extension for advanced GraphQL testing, offering intuitive vulnerability detection, customizable scans, and seamless Burp integration. \n\nhttps://github.com/doyensec/inql\n\n#HackersFactory", "creation_timestamp": "2024-05-25T15:33:16.000000Z"}, {"uuid": "14e7fa51-22f3-435d-8a9e-70abba40525c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "GHSA-FR5H-RQP8-MJ6G", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/3256", "content": "Tools - Hackers Factory\n\nIt creates a livedump of the machine through NtDebugSystemControl to extract the COM secret and context, to then inject inside this process.\n\nhttps://github.com/Slowerzs/PPLSystem\n\nAgentic LLM Vulnerability Scanner \n\nhttps://github.com/msoedov/agentic_security\n\nA Chrome/Firefox browser extension to show alerts for reflected query params, show Wayback archive links for the current path, show hidden elements and enable disabled elements. \n\nhttps://github.com/msoedov/agentic_security\n\nPowerful+Fast Kubernetes service discovery tools via kubernetes DNS service. Currently supported service ip-port BruteForcing / AXFR Domain Transfer Dump / Coredns WildCard Dump \n\nhttps://github.com/Esonhugh/k8spider\n\nHTTP 403 bypass tool \n\nhttps://github.com/trap-bytes/403jump\n\n\nMOBEXLER - A Mobile Application Penetration Testing Platform\n\nhttps://github.com/enciphers-team/Mobexler/blob/master/docs/index.md\n\nA library for detecting known secrets across many web frameworks \n\nhttps://github.com/blacklanternsecurity/badsecrets\n\nThe Yoast SEO plugin for WordPress is vulnerable to... \n\nhttps://github.com/advisories/GHSA-3733-6v6m-39mh\n\nServer-Side Request Forgery in Server Actions \n\nhttps://github.com/vercel/next.js/security/advisories/GHSA-fr5h-rqp8-mj6g\n\nFuzz 401/403/404 pages for bypasses \n\nhttps://github.com/intrudir/BypassFuzzer\n\nAn interactive shell to spoof some LOLBins command line \n\nhttps://github.com/itaymigdal/LOLSpoof\n\nFully customisable, offensive security reporting solution designed for pentesters, red teamers and other security-related people alike. \n\nhttps://github.com/Syslifters/sysreptor\n\n#HackersFactory", "creation_timestamp": "2024-05-30T10:08:39.000000Z"}, {"uuid": "ea586449-0482-4f8f-95c6-f7fa72333daf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "GHSA-FR5H-RQP8-MJ6G", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/3248", "content": "Tools - Hackers Factory\n\nCross Site Scripting ( XSS ) Vulnerability Payload List \n\nhttps://github.com/payloadbox/xss-payload-list\n\nYARA detection rule for CVE-2024-4367 arbitrary javascript execution in PDF.js \n\nhttps://github.com/spaceraccoon/detect-cve-2024-4367\n\nThe Prime Cross Site Request Forgery (CSRF) Audit and Exploitation Toolkit. \n\nhttps://github.com/0xInfection/XSRFProbe\n\nhttps://github.com/blacklanternsecurity/badsecrets\n\nAutomation for javascript recon in bug bounty. \n\nhttps://github.com/KathanP19/JSFScan.sh\n\nTempMail is a simple web application that allows you to generate temporary email addresses and view the emails received by these addresses. \n\nhttps://github.com/mehmetkahya0/temp-mail \n\nThis Repositories contains list of One Liners with Descriptions and Installation requirements \n\nhttps://github.com/thecybertix/One-Liner-Collections\n\nAutomatic SSRF fuzzer and exploitation tool \n\nhttps://github.com/swisskyrepo/SSRFmap\n\nA tool to fastly get all javascript sources/files \n\nhttps://github.com/003random/getJS\n\nServer-Side Request Forgery in Server Actions \n\nhttps://github.com/vercel/next.js/security/advisories/GHSA-fr5h-rqp8-mj6g\n\nInQL is a robust, open-source Burp Suite extension for advanced GraphQL testing, offering intuitive vulnerability detection, customizable scans, and seamless Burp integration. \n\nhttps://github.com/doyensec/inql\n\n#HackersFactory", "creation_timestamp": "2024-05-25T15:30:14.000000Z"}, {"uuid": "a47a4139-f9ad-4213-9f9b-c8c7f414a5ce", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "GHSA-FR5H-RQP8-MJ6G", "type": "published-proof-of-concept", "source": "https://t.me/GhostsForum/21550", "content": "Tools - Hackers Factory\n\nCross Site Scripting ( XSS ) Vulnerability Payload List \n\nhttps://github.com/payloadbox/xss-payload-list\n\nYARA detection rule for CVE-2024-4367 arbitrary javascript execution in PDF.js \n\nhttps://github.com/spaceraccoon/detect-cve-2024-4367\n\nThe Prime Cross Site Request Forgery (CSRF) Audit and Exploitation Toolkit. \n\nhttps://github.com/0xInfection/XSRFProbe\n\nhttps://github.com/blacklanternsecurity/badsecrets\n\nAutomation for javascript recon in bug bounty. \n\nhttps://github.com/KathanP19/JSFScan.sh\n\nTempMail is a simple web application that allows you to generate temporary email addresses and view the emails received by these addresses. \n\nhttps://github.com/mehmetkahya0/temp-mail \n\nThis Repositories contains list of One Liners with Descriptions and Installation requirements \n\nhttps://github.com/thecybertix/One-Liner-Collections\n\nAutomatic SSRF fuzzer and exploitation tool \n\nhttps://github.com/swisskyrepo/SSRFmap\n\nA tool to fastly get all javascript sources/files \n\nhttps://github.com/003random/getJS\n\nServer-Side Request Forgery in Server Actions \n\nhttps://github.com/vercel/next.js/security/advisories/GHSA-fr5h-rqp8-mj6g\n\nInQL is a robust, open-source Burp Suite extension for advanced GraphQL testing, offering intuitive vulnerability detection, customizable scans, and seamless Burp integration. \n\nhttps://github.com/doyensec/inql\n\n#HackersFactory", "creation_timestamp": "2024-05-25T15:30:30.000000Z"}, {"uuid": "ff68ea34-785a-424b-afe4-f04386b5ec05", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "GHSA-FR5H-RQP8-MJ6G", "type": "published-proof-of-concept", "source": "https://t.me/GhostsForum/21710", "content": "Tools - Hackers Factory\n\nIt creates a livedump of the machine through NtDebugSystemControl to extract the COM secret and context, to then inject inside this process.\n\nhttps://github.com/Slowerzs/PPLSystem\n\nAgentic LLM Vulnerability Scanner \n\nhttps://github.com/msoedov/agentic_security\n\nA Chrome/Firefox browser extension to show alerts for reflected query params, show Wayback archive links for the current path, show hidden elements and enable disabled elements. \n\nhttps://github.com/msoedov/agentic_security\n\nPowerful+Fast Kubernetes service discovery tools via kubernetes DNS service. Currently supported service ip-port BruteForcing / AXFR Domain Transfer Dump / Coredns WildCard Dump \n\nhttps://github.com/Esonhugh/k8spider\n\nHTTP 403 bypass tool \n\nhttps://github.com/trap-bytes/403jump\n\n\nMOBEXLER - A Mobile Application Penetration Testing Platform\n\nhttps://github.com/enciphers-team/Mobexler/blob/master/docs/index.md\n\nA library for detecting known secrets across many web frameworks \n\nhttps://github.com/blacklanternsecurity/badsecrets\n\nThe Yoast SEO plugin for WordPress is vulnerable to... \n\nhttps://github.com/advisories/GHSA-3733-6v6m-39mh\n\nServer-Side Request Forgery in Server Actions \n\nhttps://github.com/vercel/next.js/security/advisories/GHSA-fr5h-rqp8-mj6g\n\nFuzz 401/403/404 pages for bypasses \n\nhttps://github.com/intrudir/BypassFuzzer\n\nAn interactive shell to spoof some LOLBins command line \n\nhttps://github.com/itaymigdal/LOLSpoof\n\nFully customisable, offensive security reporting solution designed for pentesters, red teamers and other security-related people alike. \n\nhttps://github.com/Syslifters/sysreptor\n\n#HackersFactory", "creation_timestamp": "2024-05-30T10:10:01.000000Z"}, {"uuid": "1a6e6948-40fc-454e-b9e5-3ad90ac045a3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "GHSA-FR5H-RQP8-MJ6G", "type": "published-proof-of-concept", "source": "https://t.me/lcmysecteamch/7847", "content": "Tools - Hackers Factory\n\nCross Site Scripting ( XSS ) Vulnerability Payload List \n\nhttps://github.com/payloadbox/xss-payload-list\n\nYARA detection rule for CVE-2024-4367 arbitrary javascript execution in PDF.js \n\nhttps://github.com/spaceraccoon/detect-cve-2024-4367\n\nThe Prime Cross Site Request Forgery (CSRF) Audit and Exploitation Toolkit. \n\nhttps://github.com/0xInfection/XSRFProbe\n\nhttps://github.com/blacklanternsecurity/badsecrets\n\nAutomation for javascript recon in bug bounty. \n\nhttps://github.com/KathanP19/JSFScan.sh\n\nTempMail is a simple web application that allows you to generate temporary email addresses and view the emails received by these addresses. \n\nhttps://github.com/mehmetkahya0/temp-mail \n\nThis Repositories contains list of One Liners with Descriptions and Installation requirements \n\nhttps://github.com/thecybertix/One-Liner-Collections\n\nAutomatic SSRF fuzzer and exploitation tool \n\nhttps://github.com/swisskyrepo/SSRFmap\n\nA tool to fastly get all javascript sources/files \n\nhttps://github.com/003random/getJS\n\nServer-Side Request Forgery in Server Actions \n\nhttps://github.com/vercel/next.js/security/advisories/GHSA-fr5h-rqp8-mj6g\n\nInQL is a robust, open-source Burp Suite extension for advanced GraphQL testing, offering intuitive vulnerability detection, customizable scans, and seamless Burp integration. \n\nhttps://github.com/doyensec/inql\n\n#HackersFactory", "creation_timestamp": "2024-05-25T15:33:16.000000Z"}, {"uuid": "febfb3cc-df18-4050-9aae-146dbcb20153", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "GHSA-FR5H-RQP8-MJ6G", "type": "published-proof-of-concept", "source": "https://t.me/poxek/4009", "content": "\ud83d\udea8Alert\ud83d\udea8CVE-2024-34351:Next.js Server-Side Request Forgery in Server Actions\n\ud83d\udd25PoC: https://www.assetnote.io/resources/research/digging-for-ssrf-in-nextjs-apps#/ \n\u26a0A SSRF vulnerability was identified in Next.js Server Actions by security researchers at Assetnote. If the Host header is modified, and the below conditions are also met, an attacker may be able to make requests that appear to be originating from the Next.js application server itself.\n\ud83d\udcca3.1M+ Services are found on  hunter.how\n\ud83d\udd17Hunter Link: https://hunter.how/list?searchValue=product.name%3D%22Next.js%22 \n\ud83d\udcf0Refer: https://github.com/advisories/GHSA-fr5h-rqp8-mj6g \nHunter:/product.name=\"Next.js\"\nFOFA:app=\"Next.js\"\nSHODAN:http.component:\"Next.js\"\n#NextJS #SSRF #Vulnerability", "creation_timestamp": "2024-05-10T12:02:39.000000Z"}, {"uuid": "cb69c8a5-9c55-40d4-a183-d9dce141eba6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "GHSA-FR5H-RQP8-MJ6G", "type": "published-proof-of-concept", "source": "https://t.me/GhostClanOfficial/929", "content": "Tools - Hackers Factory\n\nIt creates a livedump of the machine through NtDebugSystemControl to extract the COM secret and context, to then inject inside this process.\n\nhttps://github.com/Slowerzs/PPLSystem\n\nAgentic LLM Vulnerability Scanner \n\nhttps://github.com/msoedov/agentic_security\n\nA Chrome/Firefox browser extension to show alerts for reflected query params, show Wayback archive links for the current path, show hidden elements and enable disabled elements. \n\nhttps://github.com/msoedov/agentic_security\n\nPowerful+Fast Kubernetes service discovery tools via kubernetes DNS service. Currently supported service ip-port BruteForcing / AXFR Domain Transfer Dump / Coredns WildCard Dump \n\nhttps://github.com/Esonhugh/k8spider\n\nHTTP 403 bypass tool \n\nhttps://github.com/trap-bytes/403jump\n\n\nMOBEXLER - A Mobile Application Penetration Testing Platform\n\nhttps://github.com/enciphers-team/Mobexler/blob/master/docs/index.md\n\nA library for detecting known secrets across many web frameworks \n\nhttps://github.com/blacklanternsecurity/badsecrets\n\nThe Yoast SEO plugin for WordPress is vulnerable to... \n\nhttps://github.com/advisories/GHSA-3733-6v6m-39mh\n\nServer-Side Request Forgery in Server Actions \n\nhttps://github.com/vercel/next.js/security/advisories/GHSA-fr5h-rqp8-mj6g\n\nFuzz 401/403/404 pages for bypasses \n\nhttps://github.com/intrudir/BypassFuzzer\n\nAn interactive shell to spoof some LOLBins command line \n\nhttps://github.com/itaymigdal/LOLSpoof\n\nFully customisable, offensive security reporting solution designed for pentesters, red teamers and other security-related people alike. \n\nhttps://github.com/Syslifters/sysreptor\n\n#HackersFactory", "creation_timestamp": "2024-05-30T10:09:06.000000Z"}, {"uuid": "1e6ba63d-4f8d-4c7b-8df0-cdc2796877f8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "GHSA-FR5H-RQP8-MJ6G", "type": "published-proof-of-concept", "source": "https://t.me/GrayHatCommunity/7800", "content": "Tools - Hackers Factory\n\nCross Site Scripting ( XSS ) Vulnerability Payload List \n\nhttps://github.com/payloadbox/xss-payload-list\n\nYARA detection rule for CVE-2024-4367 arbitrary javascript execution in PDF.js \n\nhttps://github.com/spaceraccoon/detect-cve-2024-4367\n\nThe Prime Cross Site Request Forgery (CSRF) Audit and Exploitation Toolkit. \n\nhttps://github.com/0xInfection/XSRFProbe\n\nhttps://github.com/blacklanternsecurity/badsecrets\n\nAutomation for javascript recon in bug bounty. \n\nhttps://github.com/KathanP19/JSFScan.sh\n\nTempMail is a simple web application that allows you to generate temporary email addresses and view the emails received by these addresses. \n\nhttps://github.com/mehmetkahya0/temp-mail \n\nThis Repositories contains list of One Liners with Descriptions and Installation requirements \n\nhttps://github.com/thecybertix/One-Liner-Collections\n\nAutomatic SSRF fuzzer and exploitation tool \n\nhttps://github.com/swisskyrepo/SSRFmap\n\nA tool to fastly get all javascript sources/files \n\nhttps://github.com/003random/getJS\n\nServer-Side Request Forgery in Server Actions \n\nhttps://github.com/vercel/next.js/security/advisories/GHSA-fr5h-rqp8-mj6g\n\nInQL is a robust, open-source Burp Suite extension for advanced GraphQL testing, offering intuitive vulnerability detection, customizable scans, and seamless Burp integration. \n\nhttps://github.com/doyensec/inql\n\n#HackersFactory", "creation_timestamp": "2024-05-25T15:32:53.000000Z"}]}