Site search

MobSF has Stored XSS via Manifest Analysis - Dialer Code Host Field

A Stored Cross-site Scripting (XSS) vulnerability in MobSF's Android manifest analysis allows an attacker to execute arbitrary JavaScript in the context of a victim's browser session by uploading a malicious APK. The android:host attribute from <data android:scheme="android_secret_code"> elements is rendered in HTML reports without sanitization, enabling session hijacking and account takeover.

https://github.com/advisories/GHSA-8hf7-h89p-3pqj

⚠️ WARNING: LEGAL DISCLAIMER

This tool is intended for educational purposes only. The author is not responsible for any illegal use of this tool. Users aresolely responsible for their actions.

#kalilinux #kalilinuxtools #informationsecurity #ethicalhacker #pentesting #Ubuntu...

Spot The Difference: The Garden is an engaging game built on the Phaser 3 platform and in HTML5 format that challenges players to solve a series of tasks by finding the differences between two images. Inspired by nature, the game immerses players in a colorful and tranquil world of gardens and plants, where they must find five differences between pairs of images. Each level is filled with bright and detailed images that are a pleasure to look at, while players can test their attentiveness and concentration.

Players interact with the images, choosing the differences in each pair of images. The...

A modern social network powered by cutting-edge technologies. AlphaCMS Social offers a user-friendly and interactive interface (AJAX page navigation, AJAX message posting, AJAX counter updating, an MP3 player for listening to music while navigating pages, AJAX file uploading, AJAX content loading, and JSON), extensive functionality, an advanced control panel, multilingual support, and support for all modern mobile devices and PC browsers.

Nuron is a universal React/Next.js template designed for developing websites for agencies, tech companies, and startups. It comes with several pre-built homepages and demo one-pages—just choose the one you like and fill them with content. Built on Bootstrap 5, with SCSS styles and clean, commented code, the template is easy to customize and scale.

The template is fully responsive, supports Retina displays, and works seamlessly across popular browsers. The set includes blog sections, ready-made post templates, effects, sliders, and a comprehensive basic UI kit. It's a great starting point for agency websites, IT solutions, startups, and digital products—anytime you need...

Under the Moonlight, a game from KaiOS that can be played on the website in a browser.

Installation:
- Unzip to the root of your site
- Go to the site through the browser and you will be thrown into the installer, follow the instructions
- Set up a cron task for 2 files:
== /main/cron/
== /main/cron_system/
Installation complete

Self-written, php7, pdo, your own work, your own MVC, your own template engine, Bootstrap, font awesome 4.7.0

Installation: Go to the control panel, open the Alpha installer, upload the archive downloaded after purchase, and install.

The game runs entirely in JavaScript, with the exception of the PHP API handler.

You spin the roulette wheel and wait for the winner. Each character is worth a certain number of points, but the villains Thanos and Loki subtract points.

Player scores are displayed at the bottom, updated via AJAX with each result.

The game has a config.php file where you can change the number of points each character gives or takes away.

Update 10/31/2021:

The carousel didn't work on some...

A beautiful website clock created using SVG and JavaScript. The finished demo is shown using Bootstrap.
* You can change the color of the watch components as you wish and download the ready-made code.

<link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.3.7/css/bootstrap.min.css" />

<style>
body{
background: #159957; /* fallback for old browsers */
background: -webkit-linear-gradient(to right, #155799, #159957); /* Chrome 10-25, Safari 5.1-6 */
background: linear-gradient(to right, #155799, #159957); /* W3C, IE 10+/ Edge, Firefox 16+, Chrome 26+, Opera 12+, Safari 7+ */
}
</style>

<div class="container"><div class="row">

<div class="col-xs-12 text-center">

<div class="filler"></div>
 <svg width="200" height="200">
 <filter id="innerShadow" x="-20%" y="-20%" width="140%" height="140%">
 <feGaussianBlur in="SourceGraphic" stdDeviation="3"...

A modern social network powered by cutting-edge technologies. AlphaCMS Social offers a user-friendly and interactive interface (AJAX page navigation, AJAX message posting, AJAX counter updating, an MP3 player for listening to music while navigating pages, AJAX file uploading, AJAX content loading, and JSON), extensive functionality, an advanced control panel, multilingual support, and support for all modern mobile devices and PC browsers.

What's new in this version:
1. Version 1.8.6 introduced a bug with broken images in attachments other than JPG. This issue has been resolved.
2. Now, when installing new components on a website, the Alpha installer will automatically set...

This template is a ready-made solution for those who want to quickly launch their own portfolio website. CV Portfolio offers a set of HTML/CSS/JS files, a responsive layout, and adaptive design. It features various homepage styles, an "About Me" section, a project gallery, and a working contact form—everything you need to showcase your work and achievements online.

The template features cross-browser compatibility, Retina support, and a modern visual design. It comes with sliders, a set of free icons, Google fonts, and other interface elements, making it a great choice for freelancers, designers, developers, or creative professionals looking for a simple...