Lucene search
+L

17 matches found

OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/05 12:53 a.m.16 views

Malicious code in github-archiver (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f4d8f3a21af0a31a899de9e8eabd09e30c6e05e620ab3a7d7af420c34214898b The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...

6.1AI score
Exploits0References7
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/05 12:53 a.m.26 views

Malicious code in @forjacms/sections (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1c21dd7e7453f68aa7240f5ec40de3a37683b0a9655d0218a094c528e042766f The package was found to contain malicious code or consuming dependency that contains malicious code Source: google-open-source-security...

6.1AI score
Exploits0References4
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/05 12:53 a.m.29 views

Malicious code in eslint-plugin-executable-stories-vitest (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 37cda64660196ba2834eebfa1c7c1debc8367bb89d9b953d1c01fa0c5b722e7a The package was found to contain malicious code or consuming dependency that contains malicious code Source: google-open-source-security...

6.1AI score
Exploits0References4
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/05 12:53 a.m.23 views

Malicious code in executable-stories-jest (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 31ff96aa09e874eb7b9776610e3ce2732632e1bac97129af7e1a342146a1d6ce No concrete installer-harm signals were identified for this package version. No lifecycle scripts, hardcoded network destinations, credential-path...

6.1AI score
Exploits0References8
OSV
OSV
added 2026/06/05 12:53 a.m.12 views

MAL-2026-5263 Malicious code in node-env-resolver-aws (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a4d561f58633262592e17233481bba8398f047eb830948370396c51b6d952c90 No concrete installer-harm signals were identified in this version of the package. Coverage of the package contents was partial, so a human reviewer...

6.2AI score
Exploits0References6
OSV
OSV
added 2026/06/05 12:53 a.m.20 views

MAL-2026-5230 Malicious code in autotel-subscribers (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 374da77433b452664266e009188064316b6defdcb0ee4b7e391a158a0a5ca6bf No concrete installer-harm signals were identified in this version of autotel-subscribers. There is no observed lifecycle script fetching remote...

6.2AI score
Exploits0References31
OSV
OSV
added 2026/06/05 12:53 a.m.11 views

MAL-2026-5255 Malicious code in executable-stories-mcp (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector dc974c5748dbf6c421d343ec3924e31bcc8a56a1202e59818e5282bc239a14f2 [email protected] ships a bundled HTTP server module dist/http.cjs and dist/http.js where pattern matchers flagged co-occurrence of...

6.2AI score
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/01/09 10:10 a.m.7 views

CVE-2019-11615

/fileman/php/upload.php in doorGets 7.0 has an arbitrary file upload vulnerability. A remote normal registered user can use this vulnerability to upload backdoor files to control the server...

8.8CVSS7.2AI score0.01521EPSS
Exploits1References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2019-3285

Malware in sbrugna...

8.8CVSS8.8AI score0.01521EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2025/09/18 1:39 a.m.9 views

CVE-2025-56295

code-projects Computer Laboratory System 1.0 has a file upload vulnerability. Staff can upload malicious files by uploading PHP backdoor files when modifying personal avatar information and use web shell connection tools to obtain server permissions...

7.3CVSS6.9AI score0.00295EPSS
Exploits1References1
OSV
OSV
added 2025/09/16 3:15 p.m.7 views

CVE-2025-56295

code-projects Computer Laboratory System 1.0 has a file upload vulnerability. Staff can upload malicious files by uploading PHP backdoor files when modifying personal avatar information and use web shell connection tools to obtain server permissions...

7.3CVSS5.8AI score0.00295EPSS
Exploits1References2
Packet Storm
Packet Storm
added 2020/02/24 12:0 a.m.589 views

DotNetNuke CMS 9.5.0 Cross Site Scripting

Exploit Title: File upload vulnerability through bypassing client-side file extension check Date: 23 Feb 2020 Exploit Author: Sajjad Pourali Vendor Homepage: http://dnnsoftware.com/ Software Link: https://github.com/dnnsoftware/Dnn.Platform/releases/download/v9.5.0/DNNPlatform9.5.0Install.zip...

5.6AI score0.00889EPSS
Exploits2
exploitpack
exploitpack
added 2020/02/24 12:0 a.m.58 views

DotNetNuke 9.5 - Persistent Cross-Site Scripting

DotNetNuke 9.5 - Persistent Cross-Site Scripting Exploit Title: DotNetNuke 9.5 - Persistent Cross-Site Scripting Date: 2020-02-23 Exploit Author: Sajjad Pourali Vendor Homepage: http://dnnsoftware.com/ Software Link:...

6.8AI score
Exploits0
Exploit DB
Exploit DB
added 2020/02/24 12:0 a.m.95 views

DotNetNuke 9.5 - Persistent Cross-Site Scripting

Exploit Title: DotNetNuke 9.5 - Persistent Cross-Site Scripting Date: 2020-02-23 Exploit Author: Sajjad Pourali Vendor Homepage: http://dnnsoftware.com/ Software Link: https://github.com/dnnsoftware/Dnn.Platform/releases/download/v9.5.0/DNNPlatform9.5.0Install.zip Version: . For instance, uploadi...

7.4AI score
Exploits0
NVD
NVD
added 2019/04/30 8:29 p.m.21 views

CVE-2019-11615

/fileman/php/upload.php in doorGets 7.0 has an arbitrary file upload vulnerability. A remote normal registered user can use this vulnerability to upload backdoor files to control the server...

8.8CVSS8.7AI score0.01521EPSS
Exploits1References1
Prion
Prion
added 2019/04/30 8:29 p.m.13 views

Design/Logic Flaw

/fileman/php/upload.php in doorGets 7.0 has an arbitrary file upload vulnerability. A remote normal registered user can use this vulnerability to upload backdoor files to control the server...

6.5CVSS8.7AI score0.01521EPSS
Exploits1References1Affected Software1
CNVD
CNVD
added 2015/04/27 12:0 a.m.11 views

Zhongkexinye Network Sentinel Arbitrary File Upload Vulnerability (CNVD-2015-07916)

ZKXY Network Sentinel is an Internet security auditing system that integrates behavioral auditing and content auditing, and is deployed as a bypass at the network egress. An arbitrary file upload vulnerability exists in ZKXN Network Sentry. The vulnerability occurs because the file...

7.3AI score
Exploits0
Rows per page
Query Builder