255 matches found

OSV
•added 2024/07/26 4:53 p.m.•1 views

MAL-2024-12248 Malicious code in comfyui-node-test (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 0dbe79c5cd8f170a46216b0bf557c0f4c5f65d712660985f0c3059b875601b0a Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

7.2 AI score
Exploits 0 • References 1
OSSF Malicious Packages
•added 2024/07/26 4:53 p.m.•6 views

Malicious code in rtxt-dep2 (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 3a0cd03149005afa6cc505bea16d80c21f5bbbd226c16c659ed6abb41cf730a2 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

7.3 AI score
Exploits 0 • References 1
OSV
•added 2024/07/26 4:53 p.m.•3 views

MAL-2024-12315 Malicious code in oaieval (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 fd257dee43f966eaacc56e07462eae9170a8a81dc1be6f0df9145f8c3a44de59 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

7.2 AI score
Exploits 0 • References 1
OSSF Malicious Packages
•added 2024/07/26 4:53 p.m.•5 views

Malicious code in c8test (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 b94beda1abe6cca6b53ac1891e3a3baea95df1b8c260dd9f4ea15998e26391b9 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

7.3 AI score
Exploits 0 • References 1
OSV
•added 2024/07/26 4:53 p.m.•4 views

MAL-2024-12247 Malicious code in comfyui-node-pkg (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 d14c72a2c0a980d7106ed7e451501074521e6282c64d87f689b4b758f877d2ea Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

7.2 AI score
Exploits 0 • References 1
OSV
•added 2024/03/06 11:1 a.m.•21 views

BIT-PHPMYADMIN-2022-23808

An issue was discovered in phpMyAdmin 5.1 before 5.1.2. An attacker can inject malicious code into aspects of the setup script, which can allow XSS or HTML injection...

6.1 CVSS • 6.2 AI score • 0.49362 EPSS
Exploits 2 • References 4
OSV
•added 2024/02/02 4:15 p.m.•3 views

UBUNTU-CVE-2024-23831

LedgerSMB is a free web-based double-entry accounting system. When a LedgerSMB database administrator has an active session in /setup.pl, an attacker can trick the admin into clicking on a link which automatically submits a request to setup.pl without the admin's consent. This request can be used...

7.5 CVSS • 6.2 AI score • 0.00286 EPSS
Exploits 0 • References 5
Tenable Nessus
•added 2023/11/26 12:0 a.m.•29 views

GLSA-202311-17 : phpMyAdmin: Multiple Vulnerabilities

The remote host is affected by the vulnerability described in GLSA-202311-17 phpMyAdmin: Multiple Vulnerabilities - PhpMyAdmin 5.1.1 and before allows an attacker to retrieve potentially sensitive information by creating invalid requests. This affects the lang parameter, the pmaparameter, and the...

7.5 CVSS • 6.2 AI score • 0.49362 EPSS
Exploits 2 • References 6
CNNVD
•added 2023/08/07 12:0 a.m.•2 views

NETGEAR DGN3500 Security Vulnerability

The NETGEAR DGN3500 is a wireless router from NETGEAR. The NETGEAR DGN3500 version 1.1.00.37 suffers from a buffer overflow vulnerability, which originates from the httppassword parameter in setup.cgi failing to properly validate the length of the input data, which can be exploited by a remote...

6.5 CVSS • 8 AI score • 0.00467 EPSS
Exploits 0 • References 3
The Hacker News
•added 2023/03/24 1:40 p.m.•2 views

Malicious Python Package Uses Unicode Trickery to Evade Detection and Steal Data

A malicious Python package on the Python Package Index (PyPI) repository has been found to use Unicode as a trick to evade detection and deploy an info-stealing malware. The package in question, named onyxproxy, was uploaded to PyPI on March 15, 2023, and comes with capabilities to harvest and...

7.2 AI score
Exploits 0
The Hacker News
•added 2023/03/02 11:21 a.m.•5 views

Experts Identify Fully-Featured Info Stealer and Trojan in Python Package on PyPI

A malicious Python package uploaded to the Python Package Index (PyPI) has been found to contain a fully-featured information stealer and remote access trojan. The package, named colourfool, was identified by Kroll's Cyber Threat Intelligence team, with the company calling the malware Colour-Blind...

6.8 AI score
Exploits 0
SUSE CVE
•added 2023/02/15 6:1 a.m.•1 views

SUSE CVE-2009-4605

scripts/setup.php (aka the setup script) in phpMyAdmin 2.11.x before 2.11.10 calls the unserialize function on the values of the (1) configuration and (2) v0 parameters, which might allow remote attackers to conduct cross-site request forgery (CSRF) attacks via unspecified vectors...

5 CVSS • 7 AI score • 0.0047 EPSS
Exploits 1 • References 4
SUSE CVE
•added 2023/02/15 4:59 a.m.•1 views

SUSE CVE-2016-6621

The setup script for phpMyAdmin before 4.0.10.19, 4.4.x before 4.4.15.10, and 4.6.x before 4.6.6 allows remote attackers to conduct server-side request forgery (SSRF) attacks via unspecified vectors...

8.6 CVSS • 7.1 AI score • 0.00551 EPSS
Exploits 0 • References 4
SUSE CVE
•added 2023/02/15 3:27 a.m.•1 views

SUSE CVE-2022-23808

An issue was discovered in phpMyAdmin 5.1 before 5.1.2. An attacker can inject malicious code into aspects of the setup script, which can allow XSS or HTML injection...

6.1 CVSS • 6 AI score • 0.49362 EPSS
Exploits 2 • References 4
The Hacker News
•added 2023/01/09 8:47 a.m.•42 views

Malicious PyPI Packages Using Cloudflare Tunnels to Sneak Through Firewalls

In yet another campaign targeting the Python Package Index (PyPI) repository, six malicious packages have been found deploying information stealers on developer systems. The now-removed packages, which were discovered by Phylum between December 22 and December 31, 2022, include pyrologin,...

1.4 AI score
Exploits 0
Snyk
•added 2022/05/14 3:14 a.m.•1 views

Server-side Request Forgery (SSRF)

Overview: phpmyadmin/phpmyadmin is a web interface for MySQL and MariaDB. Affected versions of this package are vulnerable to Server-side Request Forgery (SSRF) through the setup script. An attacker can manipulate the server to make unauthorized requests by leveraging a race condition between editin...

8.6 CVSS • 6.9 AI score • 0.00551 EPSS
Exploits 0 • References 2
Kitploit
•added 2022/02/20 11:30 a.m.•116 views

SSRFire - An Automated SSRF Finder. Just Give The Domain Name And Your Server And Chill! Also Has Options To Find XSS And Open Redirects

An automated SSRF finder. Just give the domain name and your server and chill! It also has options to find XSS and open redirects. Syntax: ./ssrfire.sh -d domain.com -s yourserver.com -f customfile.txt -c cookies domain.com --- The domain for which you want to test yourserver.com --- Your server...

6.3 AI score
Exploits 0 • References 5
Trellix
•added 2022/02/17 12:0 a.m.•13 views

Looking Over the Nation-State Actors’ Shoulders

Looking over the nation-state actors’ shoulders: Even they have a difficult day sometimes By Trellix and Marc Elias · February 17, 2022 Have you ever been curious about how nation-state actors operate and what their day-to-day work looks like? This blog reveals some of these details observed base...

0.4 AI score
Exploits 0
GithubExploit
•added 2022/02/01 5:2 p.m.•9 views

Exploit for Cross-site Scripting in Phpmyadmin

phpMyAdmin Exploit Exploit Title : phpMyAdmin 5.1.1 - XSS...

6.1 CVSS • 6.3 AI score • 0.49362 EPSS
Exploits 2
Github Security Blog
•added 2022/01/28 10:36 p.m.•51 views

Cross-site Scripting in phpmyadmin

An issue was discovered in phpMyAdmin 5.1 before 5.1.2. An attacker can inject malicious code into aspects of the setup script, which can allow XSS or HTML injection...

6.1 CVSS • 1.6 AI score • 0.49362 EPSS
Exploits 2 • References 7 • Affected Software 1