106604 matches found
MAL-2026-4535 Malicious code in configcat-trello-powerup (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5365489bc7a763096bf4be47f80bd47e4513917d8b37ba2754e33ae11983872b package.json declares "preinstall": "node index.js", which fires automatically on npm install. index.js collects host identifiers os.hostname,...
Malicious code in @remitee-money-transfer/rmt-base (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5f21c6601855c2f2d0a5d0761d3defe8c0ba1708dd2a67fb278c03e0abd6ba16 Package ships only a preinstall lifecycle script scripts/preinstall.sh and no functional code. On npm install, the script reads /etc/passwd and...
Malicious code in @ornexus/neocortex (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bb66a92e1a8c414ee0c8877998a9587b7c8a4be3b9b27b76d874329a87bec5dc On npm install -g @ornexus/neocortex, postinstall.js spawns install.sh or install.ps1 which, by default, runs an installcoderabbit step that fetches...
Malicious code in pubnub-moderation-tool (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 750918c1551873c10f69bc746538652a6adf047d6c76231a40832fff30b74938 package.json declares "preinstall": "node index.js", causing index.js to run automatically on npm install. The script collects os.hostname,...
MAL-2026-4650 Malicious code in pubnub-moderation-tool (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 750918c1551873c10f69bc746538652a6adf047d6c76231a40832fff30b74938 package.json declares "preinstall": "node index.js", causing index.js to run automatically on npm install. The script collects os.hostname,...
CVE-2026-48237
Open ISES Tickets before 3.44.2 contains a SQL injection vulnerability in message.php where the frmticketid and frmrespid POST parameters are concatenated into WHERE clauses of SELECT/UPDATE statements without sanitization. Authenticated attackers can craft requests that alter query semantics to...
GHSA-32Q2-HHR5-6QVV md-fileserver: Stored/Reflected XSS when viewing Markdown (raw HTML allowed)
Summary A cross-site scripting XSS vulnerability exists in the application’s Markdown rendering logic. When user-supplied Markdown content is rendered, embedded raw HTML—including tags—is processed and injected into the resulting page without sanitization, allowing arbitrary JavaScript execution ...
CVE-2026-48245
Open ISES Tickets before 3.44.2 embeds a hardcoded Google Maps API key in tables.php that is committed to the public source repository. The key can be extracted by anyone with read access to the source and used to make Google Maps Platform requests billed against the original owner's Google Cloud...
CVE-2026-48242
Open ISES Tickets before 3.44.2 contains hardcoded MySQL credentials (host, username, password, database) in import_mdb.php, embedded in public repository source code. This exposure allows readers to obtain valid configuration values that may match deployed installations. The issue is documented ...
CVE-2026-48240 Open ISES Tickets < 3.44.2 SQL Injection via ajax/statistics.php tick_id and f_tick_id Parameters
Open ISES Tickets before 3.44.2 contains a SQL injection vulnerability in ajax/statistics.php where the tickid and ftickid POST parameters are concatenated into WHERE clauses of SELECT statements in the statistics rollup queries without sanitization. Authenticated attackers can craft requests tha...
CVE-2026-48238
Open ISES Tickets before 3.44.2 contains a SQL injection vulnerability in ajax/mobilemain.php where the id GET parameter is concatenated into the WHERE clause of a SELECT statement used as a ticket-existence sanity check without sanitization. Authenticated attackers can craft requests that alter...
CVE-2026-48237
Open ISES Tickets prior to 3.44.2 is vulnerable to a SQL injection in message.php. The vulnerability arises because the POST parameters frm_ticket_id and frm_resp_id are concatenated into WHERE clauses of SELECT/UPDATE statements without sanitization, allowing an authenticated attacker to alter q...
CVE-2026-48236 Open ISES Tickets < 3.44.2 SQL Injection via db_loader.php Multiple Parameters
Open ISES Tickets before 3.44.2 contains a SQL injection vulnerability in dbloader.php where the multiple POST parameters ticketsdb, ticketshost, ticketsuser, ticketspassword are concatenated into mysqli connection arguments and dynamic SQL operating against an attacker-controlled database withou...
EUVD-2026-31318
Open ISES Tickets before 3.44.2 contains a SQL injection vulnerability in dbloader.php where the multiple POST parameters ticketsdb, ticketshost, ticketsuser, ticketspassword are concatenated into mysqli connection arguments and dynamic SQL operating against an attacker-controlled database withou...
EUVD-2026-31316
Open ISES Tickets before 3.44.2 contains a SQL injection vulnerability in portal/ajax/listrequests.php where the sort and dir GET parameters are concatenated into the ORDER BY clause of a SELECT statement without sanitization. Authenticated attackers can craft requests that alter query semantics ...
CVE-2026-48233 Open ISES Tickets < 3.44.2 SQL Injection via ajax/sit_incidents.php offset Parameter
Open ISES Tickets before 3.44.2 contains a SQL injection vulnerability in ajax/sitincidents.php where the offset GET parameter is concatenated into the LIMIT clause of a SELECT statement without sanitization. Authenticated attackers can craft requests that alter query semantics to read, modify, o...
CVE-2026-48233 Open ISES Tickets < 3.44.2 SQL Injection via ajax/sit_incidents.php offset Parameter
Open ISES Tickets before 3.44.2 contains a SQL injection vulnerability in ajax/sitincidents.php where the offset GET parameter is concatenated into the LIMIT clause of a SELECT statement without sanitization. Authenticated attackers can craft requests that alter query semantics to read, modify, o...
CVE-2026-48230 Open ISES Tickets < 3.44.2 Reflected XSS via ticketsmdb_import.php Multiple POST Parameters
Open ISES Tickets before 3.44.2 contains a reflected cross-site scripting vulnerability in ticketsmdbimport.php that allows authenticated attackers to inject arbitrary JavaScript by passing an unsanitized value through the multiple POST parameters mdbhost, mdbdb, mdbuser, mdbpassword, mdbprefix,...
MAL-2026-4421 Malicious code in @pulse-web-platform-core/scripts-loader (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7c69fc52eb76aa05711ea0c128624eb1fc8c70655a58f2f3e646da1dcd20f254 On npm install, the package's preinstall.js performs an HTTP GET to http://$pkg.$scope.oob.moika.tech/poc.js and passes the response body directly to...
MAL-2026-4227 Malicious code in lognest (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 481f45cde243009853b52b584fb6a1af2eae31e637912c8b78f18a8d7ee0d9d0 On import lognest, the package's init.py spawns a detached background subprocess running a sibling check.py lognest/init.py:25...