MAL-2026-1857 Malicious code in stnsxmp (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6f71046374980b35d68230cf391bf580cd1ce68017bf6ac6373b72b01b9d9b67 The package stnsxmp was found to contain malicious code...

CVE-2024-1857

The Ultimate Gift Cards for WooCommerce – Create, Redeem & Manage Digital Gift Certificates with Personalized Templates plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.6.6 via the wpswgmpreviewemailtemplate. This makes it possible for...

CVE-2025-1857

creationtimestamp| type| source ---|---|--- 2025-03-03 08:29:26+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/6159 2025-03-03 10:01:09+00:00| published-proof-of-concept| Telegram/B00WHQsRDE7JVKYOf8yUGl6ojwx9yH5tJgPqXOMPOY24Pc 2025-03-03 11:21:39+00:00| seen|...

CVE-2025-1857 PHPGurukul Nipah Virus Testing Management System check_availability.php sql injection

A vulnerability classified as critical has been found in PHPGurukul Nipah Virus Testing Management System 1.0. This affects an unknown part of the file /checkavailability.php. The manipulation of the argument employeeid leads to sql injection. It is possible to initiate the attack remotely. The...

CVE-2025-1857 PHPGurukul Nipah Virus Testing Management System check_availability.php sql injection

A vulnerability classified as critical has been found in PHPGurukul Nipah Virus Testing Management System 1.0. This affects an unknown part of the file /checkavailability.php. The manipulation of the argument employeeid leads to sql injection. It is possible to initiate the attack remotely. The...

openSUSE Security Advisory (SUSE-SU-2024:1857-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

WordPress Ultimate Gift Cards For WooCommerce Plugin <= 2.6.6 is vulnerable to Broken Access Control

Software Ultimate Gift Cards For WooCommerce Type Plugin Vulnerable versions = 2.6.6 Fixed in 2.6.7 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-1857 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID ac4726115ec6 Credits Krzysztof...

CVE-2024-1857

creationtimestamp| type| source ---|---|--- 2024-03-16 10:21:50+00:00| seen| https://t.me/ctinow/209464 2024-03-16 10:26:17+00:00| seen| https://t.me/ctinow/209466...

CVE-2024-1857

CVE-2024-1857 affects the WordPress plugin “Ultimate Gift Cards for WooCommerce – Create, Redeem & Manage Digital Gift Certificates with Personalized Templates.” All versions up to 2.6.6 are affected. Root cause: Sensitive Information Exposure via wps_wgm_preview_email_template(), enabling unauth...

CVE-2024-1857 Ultimate Gift Cards for WooCommerce – Create, Redeem & Manage Digital Gift Certificates with Personalized Templates <= 2.6.6 - Missing Authorization to Unauthenticated Information Exposure

The Ultimate Gift Cards for WooCommerce – Create, Redeem & Manage Digital Gift Certificates with Personalized Templates plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.6.6 via the wpswgmpreviewemailtemplate. This makes it possible for...

Amazon Linux AMI : cups (ALAS-2023-1857)

The version of cups installed on the remote host is prior to 1.4.2-67.25. It is, therefore, affected by a vulnerability as referenced in the ALAS-2023-1857 advisory. A vulnerability was found in OpenPrinting CUPS. The security flaw occurs due to failure in validating the length provided by an...

CVE-2023-1857

creationtimestamp| type| source ---|---|--- 2023-04-05 12:27:56+00:00| seen| https://t.me/cibsecurity/61440...

CVE-2023-1857

A vulnerability was found in SourceCodester Online Computer and Laptop Store 1.0 and classified as problematic. Affected by this issue is some unknown functionality of the file /admin/?page=product/manageproduct&id=2. The manipulation of the argument Product Name leads to cross site scripting. Th...

CVE-2023-1857

CVE-2023-1857 impacts SourceCodester Online Computer and Laptop Store 1.0. The vulnerability is a cross-site scripting flaw in the admin file for managing products, specifically /admin/?page=product/manage_product&id=2, where manipulating the Product Name parameter (due to insufficient input filt...

SUSE CVE-2022-1857

Insufficient policy enforcement in File System API in Google Chrome prior to 102.0.5005.61 allowed a remote attacker to bypass file system restrictions via a crafted HTML page...

Amazon Linux 2 : glibc (ALAS-2022-1857)

The version of glibc installed on the remote host is prior to 2.26-61. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2022-1857 advisory. A flaw was found in glibc. An off-by-one buffer overflow and underflow in getcwd may lead to memory corruption when the size of the...

CVE-2022-1857

Insufficient policy enforcement in File System API in Google Chrome prior to 102.0.5005.61 allowed a remote attacker to bypass file system restrictions via a crafted HTML page...

CVE-2022-1857

CVE-2022-1857 : Affected: Google Chrome/Chromium (and derivatives) prior to version 102.0.5005.61. Root cause: Insufficient policy enforcement in the File System API, enabling a remote attacker to bypass file system restrictions via a crafted HTML page. Impact: High (remote code/restriction bypas...

CVE-2022-1857

Insufficient policy enforcement in File System API in Google Chrome prior to 102.0.5005.61 allowed a remote attacker to bypass file system restrictions via a crafted HTML page...

Fedora: Security Advisory for chromium (FEDORA-2022-bcb096166f)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...