17 matches found
Malicious code in github-archiver (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f4d8f3a21af0a31a899de9e8eabd09e30c6e05e620ab3a7d7af420c34214898b The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...
Malicious code in @forjacms/sections (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1c21dd7e7453f68aa7240f5ec40de3a37683b0a9655d0218a094c528e042766f The package was found to contain malicious code or consuming dependency that contains malicious code Source: google-open-source-security...
Malicious code in eslint-plugin-executable-stories-vitest (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 37cda64660196ba2834eebfa1c7c1debc8367bb89d9b953d1c01fa0c5b722e7a The package was found to contain malicious code or consuming dependency that contains malicious code Source: google-open-source-security...
Malicious code in executable-stories-jest (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 31ff96aa09e874eb7b9776610e3ce2732632e1bac97129af7e1a342146a1d6ce No concrete installer-harm signals were identified for this package version. No lifecycle scripts, hardcoded network destinations, credential-path...
MAL-2026-5263 Malicious code in node-env-resolver-aws (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a4d561f58633262592e17233481bba8398f047eb830948370396c51b6d952c90 No concrete installer-harm signals were identified in this version of the package. Coverage of the package contents was partial, so a human reviewer...
MAL-2026-5230 Malicious code in autotel-subscribers (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 374da77433b452664266e009188064316b6defdcb0ee4b7e391a158a0a5ca6bf No concrete installer-harm signals were identified in this version of autotel-subscribers. There is no observed lifecycle script fetching remote...
MAL-2026-5255 Malicious code in executable-stories-mcp (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector dc974c5748dbf6c421d343ec3924e31bcc8a56a1202e59818e5282bc239a14f2 [email protected] ships a bundled HTTP server module dist/http.cjs and dist/http.js where pattern matchers flagged co-occurrence of...
CVE-2019-11615
/fileman/php/upload.php in doorGets 7.0 has an arbitrary file upload vulnerability. A remote normal registered user can use this vulnerability to upload backdoor files to control the server...
EUVD-2019-3285
Malware in sbrugna...
CVE-2025-56295
code-projects Computer Laboratory System 1.0 has a file upload vulnerability. Staff can upload malicious files by uploading PHP backdoor files when modifying personal avatar information and use web shell connection tools to obtain server permissions...
CVE-2025-56295
code-projects Computer Laboratory System 1.0 has a file upload vulnerability. Staff can upload malicious files by uploading PHP backdoor files when modifying personal avatar information and use web shell connection tools to obtain server permissions...
DotNetNuke CMS 9.5.0 Cross Site Scripting
Exploit Title: File upload vulnerability through bypassing client-side file extension check Date: 23 Feb 2020 Exploit Author: Sajjad Pourali Vendor Homepage: http://dnnsoftware.com/ Software Link: https://github.com/dnnsoftware/Dnn.Platform/releases/download/v9.5.0/DNNPlatform9.5.0Install.zip...
DotNetNuke 9.5 - Persistent Cross-Site Scripting
DotNetNuke 9.5 - Persistent Cross-Site Scripting Exploit Title: DotNetNuke 9.5 - Persistent Cross-Site Scripting Date: 2020-02-23 Exploit Author: Sajjad Pourali Vendor Homepage: http://dnnsoftware.com/ Software Link:...
DotNetNuke 9.5 - Persistent Cross-Site Scripting
Exploit Title: DotNetNuke 9.5 - Persistent Cross-Site Scripting Date: 2020-02-23 Exploit Author: Sajjad Pourali Vendor Homepage: http://dnnsoftware.com/ Software Link: https://github.com/dnnsoftware/Dnn.Platform/releases/download/v9.5.0/DNNPlatform9.5.0Install.zip Version: . For instance, uploadi...
CVE-2019-11615
/fileman/php/upload.php in doorGets 7.0 has an arbitrary file upload vulnerability. A remote normal registered user can use this vulnerability to upload backdoor files to control the server...
Design/Logic Flaw
/fileman/php/upload.php in doorGets 7.0 has an arbitrary file upload vulnerability. A remote normal registered user can use this vulnerability to upload backdoor files to control the server...
Zhongkexinye Network Sentinel Arbitrary File Upload Vulnerability (CNVD-2015-07916)
ZKXY Network Sentinel is an Internet security auditing system that integrates behavioral auditing and content auditing, and is deployed as a bypass at the network egress. An arbitrary file upload vulnerability exists in ZKXN Network Sentry. The vulnerability occurs because the file...