Lucene search

14 matches found

OSSF Malicious Packages
added 2026/05/12 6:0 p.m., 9 views

Malicious code in @a91082900/test_package (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b8349cd7ce2c9ac2321dce8f80e5a46c0064b382fb7e54e975ff27a2dcab1254 The package's main file index.js executes at module load, with no exports and no user-invoked API. On import it issues...

5.9 AI score
Exploits: 0 | References: 1
OSV
added 2026/05/12 6:0 p.m., 4 views

MAL-2026-3680 Malicious code in @a91082900/test_package (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b8349cd7ce2c9ac2321dce8f80e5a46c0064b382fb7e54e975ff27a2dcab1254 The package's main file index.js executes at module load, with no exports and no user-invoked API. On import it issues...

5.9 AI score
Exploits: 0 | References: 1
PyPA
added 2026/02/12 4:16 p.m., 7 views

PYSEC-2026-34

Crawl4AI versions prior to 0.8.0 contain a local file inclusion vulnerability in the Docker API deployment. The /executejs, /screenshot, /pdf, and /html endpoints accept file:// URLs, allowing unauthenticated remote attackers to read arbitrary files from the server filesystem. An attacker can...

9.2 CVSS | 6 AI score | 0.00582 EPSS
Exploits: 0 | References: 3 | Affected Software: 1
OSV
added 2024/05/07 9:2 p.m., 3 views

CVE-2024-34346 Deno contains a permission escalation via open of privileged files with missing `--deny` flag

Deno is a JavaScript, TypeScript, and WebAssembly runtime with secure defaults. The Deno sandbox may be unexpectedly weakened by allowing file read/write access to privileged files in various locations on Unix and Windows platforms. For example, reading /proc/self/environ may provide access...

8.4 CVSS | 7 AI score | 0.00368 EPSS
Exploits: 0 | References: 3
ATTACKERKB
added 2022/08/04 10:15 a.m., 1 view

CVE-2022-2653

With this vulnerability an attacker can read many sensitive files like configuration files, or the /proc/self/environ file, that contains the environment variable used by the web server that includes database credentials. If the web server user is root, an attacker will be able to read any file i...

7.1 CVSS | 6.8 AI score | 0.00785 EPSS
Exploits: 1 | References: 3
Prion
added 2022/08/04 10:15 a.m., 16 views

Design/Logic Flaw

With this vulnerability an attacker can read many sensitive files like configuration files, or the /proc/self/environ file, that contains the environment variable used by the web server that includes database credentials. If the web server user is root, an attacker will be able to read any file i...

4 CVSS | 6.3 AI score | 0.00785 EPSS
Exploits: 1 | References: 2 | Affected Software: 1
Cvelist
added 2022/08/04 9:35 a.m., 17 views

CVE-2022-2653 Path Traversal in plankanban/planka

With this vulnerability an attacker can read many sensitive files like configuration files, or the /proc/self/environ file, that contains the environment variable used by the web server that includes database credentials. If the web server user is root, an attacker will be able to read any file i...

7.1 CVSS | 6.5 AI score | 0.00785 EPSS
Exploits: 1 | References: 2
CVE
added 2022/08/04 9:35 a.m., 71 views

CVE-2022-2653

The CVE-2022-2653 entry maps to a path traversal vulnerability in plankanban/planka (planka) that enables an attacker to read sensitive files such as configuration files and /proc/self/environ when the web server runs as root. Affected component is the web-accessible endpoint that uses a filename...

7.1 CVSS | 6.4 AI score | 0.00785 EPSS
Exploits: 1 | References: 2 | Affected Software: 1
0day.today
added 2022/03/31 12:0 a.m., 216 views

COMPIE CMS Leado Local File Include Vulnerability

Exploit Title: COMPIE CMS Leado Local File Include Google Dork: /index.php?pathAjax= Date: 3/30/2022 Exploit Author: iranhack Security Team Vendor Homepage: iranhack.com Software Link: http://www.compie.co.il/ Version: V.1.0 Tested on: KaliLinux,windows 10 Local File Include...

0.2 AI score
Exploits: 0
Kitploit
added 2020/02/24 11:30 a.m., 223 views

Liffy - Local File Inclusion Exploitation Tool

LFI Exploitation tool A little python tool to perform Local file inclusion. Liffy v2.0 is the improved version of liffy which was originally created by rotlogix/liffy. The latter is no longer available and the former hasn't seen any development for a long time. Main feature data:// for code...

7.8 AI score
Exploits: 0 | References: 5
Packet Storm
added 2015/01/28 12:0 a.m., 27 views

New CMS 2.1 Local File Inclusion

=============================================== + TITLE : NEW CMS Local File Inclusion Vulnerability /proc/self/environ + VENDOR : http://new-cms.org/index.php?lng=it&mod=download&pg=indice + VERSION : 2.1 or Later + AUTHOR : R3vanBastard + TESTED ON : Windows + DORK : "New CMS"...

7.4 AI score
Exploits: 0
seebug.org
added 2010/06/03 12:0 a.m., 22 views

Joomla component SimpleDownload Local File Inclusion

No description provided by source. A vulnerability has been found in the downloader component for Joomla. It can be exploited in various ways - from sensitive information disclosure to remote code execution. Input passed to controller is not properly sanitized, allowing attacker to inject php cod...

7.1 AI score
Exploits: 0
Packet Storm
added 2010/05/19 12:0 a.m., 23 views

Joomla Simple Downloader 0.9.5 Local File Inclusion / Command Execution

--Description-- A vulnerability has been found in the downloader component for Joomla. It can be exploited in various ways - from sensitive information disclosure to remote code execution. Input passed to controller is not properly sanitized, allowing attacker to inject php code via Local File...

0.1 AI score
Exploits: 0
securityvulns
added 2010/05/18 12:0 a.m., 49 views

Joomla component SimpleDownload Local File Inclusion

--Description-- A vulnerability has been found in the downloader component for Joomla. It can be exploited in various ways - from sensitive information disclosure to remote code execution. Input passed to controller is not properly sanitized, allowing attacker to inject php code via Local File...

1.1 AI score
Exploits: 0