Malicious code in adform-react-app-core (npm)

The package adform-react-app-core was found to contain malicious code...

MAL-2025-14091 Malicious code in adform-react-app-core (npm)

The package adform-react-app-core was found to contain malicious code...

MAL-2025-7134 Malicious code in @conversation-app/core-api (npm)

The package @conversation-app/core-api was found to contain malicious code...

MAL-2022-1635 Malicious code in bob-app-core (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware f470c5440c88f4b1dd83ee5c79cf167f5ccd654921909341136f99ec78f75569 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

@0xgg/echomd (>=1.0.0 <=1.0.4), @budibase/client (>=3.8.2 <=3.24.3) +117 more potentially affected by CVE-2020-7690 via jspdf (>=1.0.272 <=1.5.2)

jspdf NPM version =1.0.272, =1.0.0, =3.8.2, =0.0.3, =1.0.0, =2.6.4, =1.54.0, =0.2.1, =1.1.4, =0.0.0-dev.0ebca38, =1.0.0, =0.0.98, =1.15.0-alpha.1, =1.18.11 and more Source cves: CVE-2020-7690 Source advisory: OSV:GHSA-VH59-V9R5-4MH4...

Cross site scripting

XSS exists in WUZHI CMS 4.1.0 via index.php?m=core&f=map&v=baidumap&x=XSS&y=XSS to coreframe/app/core/map.php...