CVE-2019-25760 Joomla! Component Easy Shop 1.2.3 Local File Inclusion

Joomla! Component Easy Shop 1.2.3 contains a local file inclusion vulnerability that allows unauthenticated attackers to read arbitrary files by supplying base64-encoded file paths. Attackers can send GET requests to index.php with the option parameter set to comeasyshop, task set to...

CVE-2019-25760

CVE-2019-25760 describes a Local File Inclusion in Joomla! Easy Shop 1.2.3. An unauthenticated attacker can read arbitrary server files by supplying a base64-encoded file path via the file parameter in a GET request to index.php with option=com_easyshop and task=ajax.loadImage. Affected files inc...

MAL-2026-6220 Malicious code in chai-as-uphelded (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector aa7f5470790594e55393048fee0e7a9e6e6650776a06717258e410292d4dc8a9 Package name impersonates the popular chai-as-promised library, but its package.json description and keywords masquerade as a pino-style logger and a...

Malicious code in pretie_x1 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f6308c285cb943f91fc16f7872bce135b8347b827139f5ad0cf8706ba992f104 Package masquerades as the prettier formatter name pretiex1, description "Opinionated code formatter for modern JavaScript and TypeScript.", keywords...

Malicious code in ing-feat-itsme-oidc-authentication (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 175d0dba1f70bc84bcd4e29b57e0f7831248582614cd146af7d1ea6d1d057cd5 On npm install, package.json's preinstall hook executes poc.js, which collects os.hostname, os.userInfo.username, process.cwd, and process.platform,...

CVE-2016-20077

CVE-2016-20077 affects the WordPress plugin Photocart Link 1.6. It describes a Local File Inclusion vulnerability in decode.php: unauthenticated attackers can trigger LFI by supplying base64-encoded file paths via the id parameter to decode.php, enabling access to sensitive files (e.g., wp-config...

Malicious code in theta-connector (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f9ac14206b12d7cb0c180c49e65d91b99aa2f013c33147d7f1eff396da2c48a2 The package advertises itself as a MySQL connector but index.js around line 236 contains a method queryDBConnect on the exported...

CVE-2026-46697

Fediverse Embeds embeds fediverse posts on WordPress sites. Prior to version 1.5.8, Fediverse Embeds registered an unauthenticated REST route ftf/media-proxy includes/MediaProxy.php with permissioncallback = returntrue that accepted a base64-encoded URL and forwarded it to wpremoteget$url without...

Malicious code in chai-as-victimed (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4b60cf728d4e2f5932f37d3e420649f6facc08959a8380a4724ec9e885b88754 Package name impersonates chai-as-promised but ships a remote-code dropper. lib/caller.js base64-decodes a hardcoded URL pointing to...

MAL-2026-5605 Malicious code in chai-as-victimed (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4b60cf728d4e2f5932f37d3e420649f6facc08959a8380a4724ec9e885b88754 Package name impersonates chai-as-promised but ships a remote-code dropper. lib/caller.js base64-decodes a hardcoded URL pointing to...

ROS-20260611-73-0004

The vulnerability of the RDP client FreeRDP is related to the escape of operations beyond the buffer in memory, due to incorrect encoding based on the Base64 standard. Exploiting this vulnerability can allow a remote attacker to cause service interruptions...

Malicious code in @access-risk/browser-remedy-react (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0de4bc9f19feea718e091e9b0a480e9b939cdffa88109375020895c99efa489c On npm install, postinstall.js executes automatically and collects host identity and environment details using os.hostname, process.cwd, and filesyst...

MAL-2026-5461 Malicious code in fhirproxy-utils (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 405cf847121f4bfed32bc5679a40b64c1338b142af75823ef9583944a7ae7b5a On npm install via the prepare lifecycle hook and many other lifecycle aliases and on require, index.js performs broad reconnaissance and exfiltratio...

Amazon Linux 2023 : python3, python3-devel, python3-idle (ALAS2023-2026-1785)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2026-1785 advisory. http.cookies.Morsel.jsoutput returns an inline snippet and only escapes for JavaScript string context. It does not neutralize the HTML parser-sensitive sequence inside the generated script element...

Medium: python3.13

Issue Overview: http.cookies.Morsel.jsoutput returns an inline snippet and only escapes " for JavaScript string context. It does not neutralize the HTML parser-sensitive sequence inside the generated script element. Mitigation base64-encodes the cookie value to disallow escaping using cookie valu...

CVE-2026-36610

Mercusys AC12G EU V1 with firmware AC12GEUV1200909 transmits DDNS credentials over plaintext HTTP with only Base64 encoding. The firmware contains no TLS implementation, allowing man-in-the-middle interception of DDNS service credentials...

CVE-2026-36610

Mercusys AC12G EU V1 with firmware AC12GEUV1200909 transmits DDNS credentials over plaintext HTTP with only Base64 encoding. The firmware contains no TLS implementation, allowing man-in-the-middle interception of DDNS service credentials...

CVE-2026-36540

Netis AC1200 Router NC21 V4.0.1.4296 is vulnerable to unauthenticated command injection via the /cgi-bin/skkset.cgi endpoint. The password and newpwdconfirm POST parameters are passed directly to the underlying OS shell without sanitization. An attacker can inject arbitrary shell commands by...

PT-2026-43707

Netis AC1200 Router NC21 V4.0.1.4296 is vulnerable to unauthenticated command injection via the /cgi-bin/skk set.cgi endpoint. The password and new pwd confirm POST parameters are passed directly to the underlying OS shell without sanitization. An attacker can inject arbitrary shell commands by...

MAL-2026-4594 Malicious code in koishi-plugin-fusheng-car (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 35bbb2f7cdae32f1a5012363b81298fd339c96b83718db535d77c0bdc0f936ec lib/index.js contains a hardcoded base64-encoded QQ user ID 'Mjc1OTcyMDE2MQ==' decoding to '2759720161' checked inside the plugin's permission gate...