EUVD-2010-2079

Malware in sbrugna...

EUVD-2022-5373

Malicious code in bioql PyPI...

Malicious code in beanstalk-api (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 447e0e40d99f975438792b85715ae48b89f8fd877e0c44b434643a73ca19731c The OpenSSF Package Analysis project identified 'beanstalk-api' @ 1.0...

MAL-2025-5302 Malicious code in beanstalk-api (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 447e0e40d99f975438792b85715ae48b89f8fd877e0c44b434643a73ca19731c The OpenSSF Package Analysis project identified 'beanstalk-api' @ 1.0...

New Pacu Module: Secret Enumeration in Elastic Beanstalk

The post New Pacu Module: Secret Enumeration in Elastic Beanstalk appeared first on Rhino Security Labs...

IMDShift - Automates Migration Process Of Workloads To IMDSv2 To Avoid SSRF Attacks

AWS workloads that rely on the metadata endpoint are vulnerable to Server-Side Request Forgery SSRF attacks. IMDShift automates the migration process of all workloads to IMDSv2 with extensive capabilities, which implements enhanced security measures to protect against these attacks. Features...

GHSA-VJR6-CQ22-M4Q5 Jenkins AWS Elastic Beanstalk Publisher Plugin stores credentials in plain text

Jenkins AWS Elastic Beanstalk Publisher Plugin stores credentials unencrypted in its global configuration file org.jenkinsci.plugins.awsbeanstalkpublisher.AWSEBPublisher.xml on the Jenkins controller. These credentials can be viewed by users with access to the Jenkins controller file system...

Jenkins AWS Elastic Beanstalk Publisher Plugin stores credentials in plain text

Jenkins AWS Elastic Beanstalk Publisher Plugin stores credentials unencrypted in its global configuration file org.jenkinsci.plugins.awsbeanstalkpublisher.AWSEBPublisher.xml on the Jenkins controller. These credentials can be viewed by users with access to the Jenkins controller file system...

Clever Cryptocurrency Theft

Beanstalk Farms is a decentralized finance project that has a majority stake governance system: basically people have proportional votes based on the amount of currency they own. A clever hacker used a "flash loan" feature of another decentralized finance project to borrow enough of the currency ...

Attacker Steals $182 Million From Ethereum-based Beanstalk Stablecoin Protocol

By Deeba Ahmed Interestingly, the attacker donated $250,000 of the stolen funds to an address used for raising donations for the… This is a post from HackRead.com Read the original post: Attacker Steals $182 Million From Ethereum-based Beanstalk Stablecoin Protocol...

Cross-site Scripting in Beanstalk console

Beanstalk console ptrofimov/beanstalkconsole prior to 1.7.14 is vulnerable to cross-site scripting...

GHSA-2CJF-W7C4-FHF6 Cross-site Scripting in Beanstalk console

Beanstalk console ptrofimov/beanstalkconsole prior to 1.7.14 is vulnerable to cross-site scripting...

beanstalk_console 跨站脚本漏洞

beanstalkconsole is the management console for the Beanstalk Queue Server and is written in PHP. A cross-site scripting vulnerability exists in beanstalkconsole, which stems from a lack of proper validation of client-side data by the web application. An attacker can exploit this vulnerability to...

Cross-site Scripting (XSS) - Stored in ptrofimov/beanstalk_console

Description Stored XSS in parameter 'host' when add server Proof of Concept // PoC.req GET / HTTP/1.1 Host: 127.0.0.1:8088 User-Agent: Mozilla/5.0 Macintosh; Intel Mac OS X 10.15; rv:97.0 Gecko/20100101 Firefox/97.0 Accept:...

GHSA-GJ85-PVP5-MVF9 Cross-site Scripting in Beanstalk console

Beanstalk console prior to version 1.7.12 is vulnerable to cross-site scripting...

Cross-site Scripting in Beanstalk console

Beanstalk console prior to version 1.7.12 is vulnerable to cross-site scripting...

beanstalk_console 跨站脚本漏洞

beanstalkconsole is the administration console for the Beanstalk Queue Server and is written in PHP. A cross-site scripting vulnerability exists in beanstalkconsole, which stems from a cross-site scripting vulnerability in beanstalkconsole...

AWS Elastic Beanstalk Dockerrun Detected

AWS Elastic Beanstalk is a Platform-as-a-Service PaaS feature provided by Amazon Web Services which allows developers to quickly deploy their web applications in various predefined environments Java, .NET, PHP... without managing the underlying infrastructure configuration. AWS Elastic Beanstalk...

Cross-site Scripting (XSS) - Reflected in ptrofimov/beanstalk_console

Description Beanstalk Console is vulnerable to reflected Cross-Site Scripting via the server parameter. Steps to reproduce 1. Setup the Beanstalk console locally. 2. Go to https://localhost/public/? and add a random server. 3. Visit...

rockymountainelk-prod.mtzk9mbhu8.us-east-1.elasticbeanstalk.com Cross Site Scripting vulnerability

Open Bug Bounty ID: OBB-1155100 Security Researcher geeknik Helped patch 8815 vulnerabilities Received 8 Coordinated Disclosure badges Received 20 recommendations , a holder of 8 badges for responsible and coordinated disclosure, found a security vulnerability affecting...