MAL-2026-3530 Malicious code in @uipath/api-workflow-tool (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d32baa584fef58e39e73ce0f2a965cccdbc83a96e6011743224267b3832d8759 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

CVE-2023-30554

Archery is an open source SQL audit platform. The Archery project contains multiple SQL injection vulnerabilities, that may allow an attacker to query the connected databases. Affected versions are subject to SQL injection in the sqlapi/apiworkflow.py endpoint ExecuteCheck which passes unfiltered...

CVE-2023-30553

Archery is an open source SQL audit platform. The Archery project contains multiple SQL injection vulnerabilities, that may allow an attacker to query the connected databases. Affected versions are subject to multiple SQL injections in the sqlapi/apiworkflow.py endpoint ExecuteCheck. User input...

CVE-2023-30553 Multiple SQL injections in sql_api/api_workflow.py endpoint in Archery - GHSL-2022-102

Archery is an open source SQL audit platform. The Archery project contains multiple SQL injection vulnerabilities, that may allow an attacker to query the connected databases. Affected versions are subject to multiple SQL injections in the sqlapi/apiworkflow.py endpoint ExecuteCheck. User input...

X (Formerly Twitter): Access MoPub Reports Data even after Company removed you from their MoPub Account.

Description + Attacking approach API Workflow : - The MoPub Reporting API supports two separate CSV outputs where publishers can retrieve inventory or campaign performance data. - Publishers can retrieve daily reports via making a GET request using the request parameters. - This URL will return a...