LeakIX's Avatar

LeakIX

@leakix.bsky.social

Maintaining and reporting for LeakIX. We are NOT affiliated with any ransomware campaign. http://mastodon.social/@leakix

76 Followers  |  2 Following  |  31 Posts  |  Joined: 18.10.2023  |  1.6025

Latest posts by leakix.bsky.social on Bluesky

picture

picture

🚨 New plugin: KestrelPlugin (CVE-2025-55315).

Kestrel HTTP request smuggling vulnerability detection.

Results: https://leakix.net/search?q=%2Bplugin%3AKestrelPlugin&scope=leak

02.12.2025 08:00 — 👍 1    🔁 0    💬 0    📌 0
picture

picture

🚨 New plugin: XWikiPlugin (CVE-2025-24893, CVE-2025-32429, CVE-2025-52472, CVE-2025-55748).

XWiki multiple critical vulnerabilities detection - RCE, SQL/HQL injection, and path traversal.

Results: https://leakix.net/search?q=%2Bplugin%3AXWikiPlugin&scope=leak

01.12.2025 08:00 — 👍 0    🔁 0    💬 0    📌 0
picture

picture

🚨 New plugin: FlowiseVersionPlugin.

Flowise vulnerability detection - detects 15+ CVEs including RCE, file upload, and SSRF vulnerabilities.

Results: https://leakix.net/search?q=%2Bplugin%3AFlowiseVersionPlugin&scope=leak

27.11.2025 08:00 — 👍 0    🔁 0    💬 0    📌 0
picture

picture

🚨 New plugin: WazuhPlugin (CVE-2025-24016).

Wazuh default credentials and RCE vulnerability detection - RCE possible on multi-node configurations, versions 4.4.0 to 4.9.1 affected.

Results: https://leakix.net/search?q=%2Bplugin%3AWazuhPlugin&scope=leak

26.11.2025 08:00 — 👍 0    🔁 0    💬 0    📌 0
picture

picture

🚨 New plugin: ICTBroadcastRcePlugin (CVE-2025-2611).

ICTBroadcast unauthenticated RCE vulnerability detection.

Results: https://leakix.net/search?q=%2Bplugin%3AICTBroadcastRcePlugin&scope=leak

25.11.2025 08:00 — 👍 0    🔁 0    💬 0    📌 0
picture

picture

🚨 New plugin: SpipRcePlugin (CVE-2024-8517).

SPIP BigUp plugin pre-authentication RCE vulnerability detection.

Results: https://leakix.net/search?q=%2Bplugin%3ASpipRcePlugin&scope=leak

24.11.2025 08:00 — 👍 0    🔁 0    💬 0    📌 0
picture

picture

🚨 New plugin: ViciboxVersionPlugin (CVE-2024-8503, CVE-2024-8504).

VICIdial outdated version detection - unauthenticated SQL injection and authenticated RCE, versions <= 2.14-917a affected.

Results: https://leakix.net/search?q=%2Bplugin%3AViciboxVersionPlugin&scope=leak

21.11.2025 08:00 — 👍 0    🔁 0    💬 0    📌 0
picture

picture

🚨 New plugin: NCentralPlugin (CVE-2025-9316, CVE-2025-11700).

N-able N-Central session bypass and XXE vulnerability detection - XXE allows reading critical files.

Results: https://leakix.net/search?q=%2Bplugin%3ANCentralPlugin&scope=leak

20.11.2025 15:01 — 👍 0    🔁 0    💬 0    📌 0
picture

picture

🚨 New plugin: MagentoXxePlugin (CVE-2024-34102, CosmicSting).

Magento XXE injection vulnerability detection - may expose sensitive files, RCE possible in some cases.

Results: https://leakix.net/search?q=%2Bplugin%3AMagentoXxePlugin&scope=leak

20.11.2025 08:00 — 👍 0    🔁 0    💬 0    📌 0
picture

picture

🚨 Plugin update: PaloAltoPlugin (CVE-2024-3400, CVE-2025-0133).

PaloAlto PAN-OS XSS vulnerability detection added - GlobalProtect portal affected.

Results: https://leakix.net/search?q=%2Bplugin%3APaloAltoPlugin&scope=leak

19.11.2025 08:00 — 👍 0    🔁 0    💬 0    📌 0
picture

picture

🚨 New plugin: GeoserverRcePlugin (CVE-2024-36401).

GeoServer RCE vulnerability detection via GetPropertyValue in WFS requests.

Results: https://leakix.net/search?q=%2Bplugin%3AGeoserverRcePlugin&scope=leak

18.11.2025 08:00 — 👍 0    🔁 0    💬 0    📌 0
picture

picture

🚨 New plugin: SwaggerUIPlugin.

Swagger API documentation public exposure detection - may expose API endpoints, parameters, and data structures.

Results: https://leakix.net/search?q=%2Bplugin%3ASwaggerUIPlugin&scope=leak

17.11.2025 08:00 — 👍 0    🔁 0    💬 0    📌 0
picture

picture

🚨 New plugin: PrometheusPlugin.

Prometheus server public exposure detection - may expose metrics, configuration, and infrastructure information.

Results: https://leakix.net/search?q=%2Bplugin%3APrometheusPlugin&scope=leak

14.11.2025 08:00 — 👍 0    🔁 0    💬 0    📌 0
picture

picture

🚨 New plugin: GraphQLIntrospectionPlugin.

GraphQL introspection enabled detection - may expose sensitive schema information and database structures.

Results: https://leakix.net/search?q=%2Bplugin%3AGraphQLIntrospectionPlugin&scope=leak

13.11.2025 08:00 — 👍 0    🔁 0    💬 0    📌 0
picture

picture

🚨 New plugin: WatchGuardFireboxPlugin (CVE-2025-59396).

WatchGuard Firebox default credentials allow administrative SSH access. CVE rejected by NVD: "Not a security vulnerability".

Results: https://leakix.net/search?q=%2Bplugin%3AWatchGuardFireboxPlugin&scope=leak

12.11.2025 15:41 — 👍 0    🔁 0    💬 0    📌 0
picture

picture

🚨 New plugin: GladinetPlugin (CVE-2025-11371, CVE-2025-30406, CVE-2025-12480).

Gladinet CentreStack/Triofox LFI, RCE, and auth bypass vulnerability detection.

Results: https://leakix.net/search?q=%2Bplugin%3AGladinetPlugin&scope=leak

12.11.2025 15:09 — 👍 0    🔁 0    💬 0    📌 0
picture

picture

🚨 New plugin: GLPIVersionPlugin.

GLPI vulnerability detection - detects 50+ CVEs including unauthenticated SQL injection, session hijacking, and account takeover.

Results: https://leakix.net/search?q=%2Bplugin%3AGLPIVersionPlugin&scope=leak

12.11.2025 08:00 — 👍 0    🔁 0    💬 0    📌 0
picture

picture

🚨 New plugin: MonstaFtpVersionPlugin (CVE-2025-34299).

MonstaFTP RCE vulnerability detection - versions < 2.11.3 affected.

Results: https://leakix.net/search?scope=leak&q=%2Bplugin%3AMonstaFtpVersionPlugin

07.11.2025 15:03 — 👍 0    🔁 0    💬 0    📌 0
picture

picture

🚨 New plugin: SessionReaperPlugin (CVE-2025-54236) added.

Multiple Adobe Commerce / Magento instances exposed. Patch ASAP.

Details: https://slcyber.io/assetnote-security-research-center/why-nested-deserialization-is-still-harmful-magento-rce-cve-2025-54236/

Query: +plugin:SessionReaperPlugin

22.10.2025 11:50 — 👍 0    🔁 0    💬 0    📌 0
picture

picture

picture

picture

🚨 New plugin for Oracle E-Business Suite's CVE-2025-61882 is up.

First huge plugin by Chocapikk 🥳

LeakIX now has OOB scanning capability!

The check based on actual vulnerability evaluation ( as opposed to Last-Modified fingerprinting that can be unreliable ).

08.10.2025 10:21 — 👍 1    🔁 0    💬 0    📌 0
image

image

🚨 New plugin for ViteJS's CVE-2025-30208 is up.

It's dev, nothing wrong can happen right?

Have fun.

Source: https://x.com/phithon_xg/status/1905351732500250711

11.04.2025 15:26 — 👍 0    🔁 0    💬 0    📌 0
image

image

🚨 New plugin for CrushFTP's CVE-2025-2825/CVE-2025-31161 is up.

While enumerating users to validate vulnerable instances we noticed a pattern.

It's on all instances we scanned for, can you see it? What do you make of it?

11.04.2025 13:08 — 👍 0    🔁 0    💬 0    📌 0
image

image

🚨 Detection for Cisco ASA CVE-2020-3259 has been added.
~2.5k vulnerable instances still found on a 5 years old vulnerability allowing for session hijacking and credentials stealing.

Source: https://cyberplace.social/@GossiTheDog/111848755813858062
Query: +plugin:CiscoASAPlugin

07.03.2025 16:16 — 👍 0    🔁 0    💬 0    📌 0
image

image

🚨 Detection for Kerio Control's CVE-2024-52875 has been added.
~500 vulnerable instances have been found.

Hosting providers & CERTs have been notified, patch now!
Credits: https://karmainsecurity.com/hacking-kerio-control-via-cve-2024-52875
Query: +plugin:KerioControlPlugin

14.01.2025 15:00 — 👍 0    🔁 0    💬 0    📌 0
image

image

💡No #opendir? Why don't you check for .DS_Store files listing the structure ?

Our scans found 11,856,006 IPs and DNS exposing the file.

Link: https://leakix.net/search?scope=leak&q=%2Bplugin%3ADotDsStoreOpenPlugin
Ref: https://0day.work/parsing-the-ds_store-file-format/

10.01.2025 07:20 — 👍 0    🔁 0    💬 0    📌 0
image

image

⚠️ During our scans we found ~70K applications exposing their VSCode SFTP config.

These are often critical and can include FTP/SSH credentials.

You can check this out here: https://leakix.net/search?q=%2Bplugin%3AVsCodeSFTPPlugin&scope=leak

#cybersecurity #vscode #vulnerability

07.01.2025 14:18 — 👍 0    🔁 0    💬 0    📌 0
image

image

💡 Have you checked our 3rd party Docker registry scan plugin?

Eg, looking for images names aimed at production environments:

+plugin:DockerRegistryHttpPlugin

And as a reminder, we have a Docker Registry Exploration tool at https://github.com/leakIX/dre.

03.01.2025 12:34 — 👍 2    🔁 0    💬 0    📌 1
Post image

🚨 New pro plugin is in!

We are now looking for mis-configured Spring Boot actuators and indexing metadata to help with research!

Query: +plugin:"SpringBootActuatorPlugin"

Thanks: @Chocapikk_ for the idea!
Credits: www.wiz.io/blog/spring-...

17.12.2024 18:28 — 👍 0    🔁 0    💬 0    📌 0
Post image

🚨 Detection for Mitel MiCollab's CVE-2024-35286 and CVE-2024-41713 has been added.
~2000 vulnerable instances have been found.

Hosting providers & CERTs have been notified, patch now!
Credits: @watchtowrcyber
Thanks: @Chocapikk_

06.12.2024 13:59 — 👍 1    🔁 1    💬 0    📌 0

Let's see if there's anyone up on this service :)

04.12.2024 16:36 — 👍 1    🔁 0    💬 0    📌 0

@leakix is following 2 prominent accounts