Malicious Package

Overview address-validator is a malicious package. Affected versions of this package were found to be a Malicious Package, as it utilised typosquatting to run Malicious 3rd party scripts. It replaced genuine packages using an and replaced it with - and vice versa Remediation Avoid using...

PT-2019-14772 · Dolibarr · Dolibarr

Name of the Vulnerable Software and Affected Versions: Dolibarr version 9.0.5 Description: The issue concerns a stored XSS in the Email Template section, specifically affecting the mails templates.php file. This allows a user, regardless of their privileges, to inject scripts that can attack the...

CVE-2016-7575

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2015-7575. Reason: This candidate is a duplicate of CVE-2015-7575. A typo caused the wrong ID to be used. Notes: All CVE users should reference CVE-2015-7575 instead of this candidate. All references and descriptions in this...

PT-2006-5246 · Cutenews · Cutenews

Name of the Vulnerable Software and Affected Versions: CuteNews versions 1.3.x Description: The issue allows remote attackers to potentially execute arbitrary PHP code via a URL in the cutepath parameter to API endpoints such as "show news.php" or "search.php". However, analysis has not identifie...

CVE-2005-4129

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2005-4092. Reason: This candidate is a reservation duplicate of CVE-2005-4092. Notes: All CVE users should reference CVE-2005-4092 instead of this candidate. All references and descriptions in this candidate have been removed to...