377 matches found
Malicious Package
Overview @kiukicom/sidebar is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...
MAL-2026-1023 Malicious code in @kiukicom/sidebar (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2cb39359f91f7a9efe145c20140da0ac4320a6fcce0335e8619af25bcd76c3af The package @kiukicom/sidebar was found to contain malicious code. Source: ghsa-malware...
CVE-2026-3041
A security vulnerability has been detected in xingfuggz BaykeShop up to 1.3.20. Impacted is an unknown function of the file src/baykeshop/contrib/article/templates/baykeshop/sidebar/custom.html of the component Article Sidebar Module. Such manipulation of the argument sidebar.content leads to cro...
CVE-2026-3041
A security vulnerability has been detected in xingfuggz BaykeShop up to 1.3.20. Impacted is an unknown function of the file src/baykeshop/contrib/article/templates/baykeshop/sidebar/custom.html of the component Article Sidebar Module. Such manipulation of the argument sidebar.content leads to cro...
CVE-2026-3041
The vulnerability CVE-2026-3041 affects BaykeShop (up to version 1.3.20), specifically the Article Sidebar Module’s file at src/baykeshop/contrib/article/templates/baykeshop/sidebar/custom.html. The issue arises from a manipulation of the argument sidebar.content in the Article Sidebar Module, en...
CVE-2026-3041 xingfuggz BaykeShop Article Sidebar custom.html cross site scripting
A security vulnerability has been detected in xingfuggz BaykeShop up to 1.3.20. Impacted is an unknown function of the file src/baykeshop/contrib/article/templates/baykeshop/sidebar/custom.html of the component Article Sidebar Module. Such manipulation of the argument sidebar.content leads to cro...
CVE-2026-3041 xingfuggz BaykeShop Article Sidebar custom.html cross site scripting
A security vulnerability has been detected in xingfuggz BaykeShop up to 1.3.20. Impacted is an unknown function of the file src/baykeshop/contrib/article/templates/baykeshop/sidebar/custom.html of the component Article Sidebar Module. Such manipulation of the argument sidebar.content leads to cro...
PT-2026-21571
Name of the Vulnerable Software and Affected Versions xingfuggz BaykeShop versions up to 1.3.20 Description A security issue exists in xingfuggz BaykeShop, specifically within the Article Sidebar Module. Manipulation of the sidebar.content argument in the file...
BaykeShop 代码注入漏洞
BaykeShop is an e-commerce system developed by xingfuggz’s individual developers. Versions of BaykeShop prior to 1.3.20 have a code injection vulnerability. This vulnerability stems from improper handling of the parameter sidebar.content in the file...
Firefox is giving users the AI off switch
Some software providers have decided to lead by example and offer users a choice about the Artificial Intelligence AI features built into their products. The latest example is Mozilla, which now offers users a one-click option to disable generative AI features in the Firefox browser. Audiences ar...
Mozilla Adds One-Click Option to Disable Generative AI Features in Firefox
Mozilla on Monday announced a new controls section in its Firefox desktop browser settings that allows users to completely turn off generative artificial intelligence GenAI features. "It provides a single place to block current and future generative AI features in Firefox," Ajit Varma, head of...
CVE-2025-23642
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in pflonk Sidebar-Content from Shortcode sidebar-content-from-shortcode allows DOM-Based XSS.This issue affects Sidebar-Content from Shortcode: from n/a through = 2.0...
CVE-2025-23912
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Philipp Speck WordPress Custom Sidebar wordpress-custom-sidebar allows Blind SQL Injection.This issue affects WordPress Custom Sidebar: from n/a through = 2.3...
CVE-2025-69234
Whale browser before 4.35.351.12 allows an attacker to escape the iframe sandbox in a sidebar environment...
CVE-2025-69235
Whale browser before 4.35.351.12 allows an attacker to bypass the Same-Origin Policy in a sidebar environment...
EUVD-2025-205678
Whale browser before 4.35.351.12 allows an attacker to bypass the Same-Origin Policy in a sidebar environment...
EUVD-2025-205677
Whale browser before 4.35.351.12 allows an attacker to escape the iframe sandbox in a sidebar environment...
CVE-2025-69234
Whale browser before 4.35.351.12 allows an attacker to escape the iframe sandbox in a sidebar environment...
CVE-2025-69235
Whale browser before 4.35.351.12 allows an attacker to bypass the Same-Origin Policy in a sidebar environment...
CVE-2025-69234
Whale browser before 4.35.351.12 allows an attacker to escape the iframe sandbox in a sidebar environment...