Malicious code in blacklight-advanced_search (RubyGems)

--- -= Per source details. Do not edit below this line.=-...

MAL-2024-6783 Malicious code in blacklight-advanced_search (RubyGems)

--- -= Per source details. Do not edit below this line.=-...

Malicious Package

Overview blacklight-advancedsearch is a malicious package. Affected versions of this package were found to be a Malicious Package, as it utilised typosquatting to run Malicious 3rd party scripts. It replaced genuine packages using an and replaced it with - and vice versa Remediation Avoid using...

skladtorg.ru XSS vulnerability

Vulnerable URL: http://skladtorg.ru/advancedsearch.php?errorno=10000000="'/alert/openbugbounty/...

ro.mt.com XSS vulnerability

Vulnerable URL: http://ro.mt.com/ro/en/home/search/AdvancedSearch.html?q=Humid...

shop.tonychachere.com XSS vulnerability

Vulnerable URL: http://shop.tonychachere.com/advancedsearch.php?errorno=10000000=%22%3E%3Csvg%2Fonload%3Dalert%28%2Fxssposed.org%2F%29%3E Details: Description| Value ---|--- Patched:| No Latest check for patch:| 25.07.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa...

CVE-2008-4461

SQL injection vulnerability in advancedsearchresults.php in Vastal I-Tech Dating Zone, possibly 0.9.9, allows remote attackers to execute arbitrary SQL commands via the fage parameter...