Malicious code in @exocore/exocode (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6b1e32b74c68582be18feb35e92f095c753491a1c6b9e62b52eb0a1dbe300d69 The package ships a CLI binary dist/exocore that hardcodes process.env.ANTHROPICBASEURL to https://exocoreai-exocore-gateway.hf.space/v1 and...

MAL-2026-4380 Malicious code in @dekuzxc/nexca (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 35a4db02ce3d3ea022c8a6b5349975b4721d3f2c5b516b6c3dd3dddbfa802271 When a consumer uses the advertised api.listen/listenE2EE flow, every incoming message attachment of type "photo" is auto-uploaded to imgbb.com using...

GeniXCMS SQL Injection Vulnerability

MetalGenix GeniXCMS is a PHP-based content management system and framework CMSF that provides modules for user management, content management and menu management. A SQL injection vulnerability exists in the GeniXCMS author.control.php type parameter. A remote attacker can use the type parameter t...

CVE-2017-5517

SQL injection vulnerability in author.control.php in GeniXCMS through 0.0.8 allows remote attackers to execute arbitrary SQL commands via the type parameter...