7 matches found
Malicious code in react-native-country-select (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 769c13bead812dac05aaece43d165b10a7574c48a0a030b703e022325f736380 The package react-native-country-select was found to contain malicious code. Source: ghsa-malware...
MAL-2026-1931 Malicious code in react-native-country-select (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 769c13bead812dac05aaece43d165b10a7574c48a0a030b703e022325f736380 The package react-native-country-select was found to contain malicious code. Source: ghsa-malware...
Embedded Malicious Code
Overview react-native-country-select is a 🌍 React Native country picker with flags, search, TypeScript, i18n, and offline support. Lightweight, customizable, and designed with a modern UI. Affected versions of this package are vulnerable to Embedded Malicious Code. The publishing pipeline of this...
Malicious code in fc-country-select (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 24c2e34746019c8babb7529002f310acda6cd4d5f8ae99347e250d6ee9c6fb34 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2023-339 Malicious code in fc-country-select (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 24c2e34746019c8babb7529002f310acda6cd4d5f8ae99347e250d6ee9c6fb34 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
CVE-2008-6945
Multiple cross-site scripting XSS vulnerabilities in Interchange 5.7 before 5.7.1, 5.6 before 5.6.1, and 5.4 before 5.4.3 allow remote attackers to inject arbitrary web script or HTML via 1 the mvorderitem CGI variable parameter in Core, 2 the country-select widget, or 3 possibly the value...
CVE-2008-6945
Multiple cross-site scripting XSS vulnerabilities in Interchange 5.7 before 5.7.1, 5.6 before 5.6.1, and 5.4 before 5.4.3 allow remote attackers to inject arbitrary web script or HTML via 1 the mvorderitem CGI variable parameter in Core, 2 the country-select widget, or 3 possibly the value...