7782 matches found
CVE-2025-71317 NetMan 204 Hard-coded Backdoor Credentials
NetMan 204 contains a hard-coded backdoor account with the username and password 'eurek' that grants administrative access. A remote, unauthenticated attacker can authenticate through the cgi-bin/login.cgi endpoint for example /cgi-bin/login.cgi?username=eurek&password=eurek, which due to lax...
CVE-2025-71317
NetMan 204 is affected by a hard-coded backdoor account (username/password: 'eurek'). A remote, unauthenticated attacker can authenticate via the cgi-bin/login.cgi endpoint (e.g., /cgi-bin/login.cgi?username=eurek&password=eurek; can be shortened due to lax parameter validation) to gain administr...
CVE-2025-71317
NetMan 204 contains a hard-coded backdoor account with the username and password 'eurek' that grants administrative access. A remote, unauthenticated attacker can authenticate through the cgi-bin/login.cgi endpoint for example /cgi-bin/login.cgi?username=eurek&password=eurek, which due to lax...
Exploit for Improper Input Validation in Unrealircd
CVE-2010-2075 – UnrealIRCd Backdoor Remote Code Execution...
CVE-2026-49777 WordPress Product Slider Pro for WooCommerce plugin < 3.5.4 - Backdoor vulnerability
Improper Validation of Specified Quantity in Input vulnerability in ShapedPlugin, LLC Product Slider Pro for WooCommerce allows Malicious Software Implanted. This issue affects Product Slider Pro for WooCommerce: from n/a before 3.5.4...
CVE-2026-49777 WordPress Product Slider Pro for WooCommerce plugin < 3.5.4 - Backdoor vulnerability
Improper Validation of Specified Quantity in Input vulnerability in ShapedPlugin, LLC Product Slider Pro for WooCommerce allows Malicious Software Implanted. This issue affects Product Slider Pro for WooCommerce: from n/a before 3.5.4...
CVE-2026-49777
CVE-2026-49777 (WordPress Product Slider Pro for WooCommerce
Exploit for OS Command Injection in Vsftpd_Project Vsftpd
vsftpd 2.3.4 Backdoor Exploit A small, dependency-free Python...
Malicious code in executable-stories-cypress (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 838176fbbb9290f1ee55af50cd6e292d461f33565a675a6e965bbe50d3b6c3ec No concrete installer-harm evidence was identified in this version of executable-stories-cypress. No lifecycle hook payloads, hardcoded exfiltration...
Malicious code in autotel-cli (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c9746e4768872ec865677aee5e0616ec2bddc7d5d26e9c58bffd5541533612d7 The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...
Malicious code in awaitly-visualizer (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b7f392622f2aeb9a1cd98719278777d45ea44442e6f3979175ed8d8b6f8a0389 The package was found to contain malicious code or consuming dependency that contains malicious code Source: google-open-source-security...
Malicious code in executable-stories-jest (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 31ff96aa09e874eb7b9776610e3ce2732632e1bac97129af7e1a342146a1d6ce No concrete installer-harm signals were identified for this package version. No lifecycle scripts, hardcoded network destinations, credential-path...
Malicious code in @ethlete/components (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 59b70ddfa1fae6a08ce80a1c1f924e904dde1534eeb55d9fdcdfa9651a89b8e0 The package was found to contain malicious code or consuming dependency that contains malicious code Source: google-open-source-security...
Malicious code in autotel-vitest (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 22d23b9d854410e35b16a7058ed9bc6855b3bf548b1a3ccd79ba983de3b652e1 The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...
Malicious code in @vapi-ai/server-sdk (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 67e1edd9922bb8b3962aad95b2bb1bfa39c3ec47651fe4863035111fc292dcfe The package was found to contain malicious code or consuming dependency that contains malicious code Source: google-open-source-security...
Malicious code in autotel-mongoose (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 084f88eef116d14d53849eed11b7995a96c7869df33ef39a2af8e84d44dbd750 No concrete installer-harm evidence was identified in this version of autotel-mongoose. The package name resembles the popular mongoose ORM library,...
Malicious code in github-archiver (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f4d8f3a21af0a31a899de9e8eabd09e30c6e05e620ab3a7d7af420c34214898b The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...
MAL-2026-5263 Malicious code in node-env-resolver-aws (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a4d561f58633262592e17233481bba8398f047eb830948370396c51b6d952c90 No concrete installer-harm signals were identified in this version of the package. Coverage of the package contents was partial, so a human reviewer...
Malicious code in wrangler-deploy (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0d2085fa4916157b99799df085aa11e3d29bdb9a47f5798c85375b1bfdf8bd7e Package name wrangler-deploy is close to Cloudflare's official wrangler CLI, which raises confusion-risk concerns for developers who may install it...
Malicious code in node-env-resolver-dotenvx (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1935de81fae9e35f6c7373f982092558f30d269b205a6edf0d847fb86d0bf3b5 The package was found to contain malicious code or consuming dependency that contains malicious code Source: google-open-source-security...