4 matches found
EUVD-2026-42857
R-SOFT DMS stores superadmin credentials using a non-salted nested MD5 hash. This allows an attacker who obtain password hash to decode superadmin credentials. Critically, this password cannot be changed except by modifying the configuration file. This issue was fixed in version v3.17-2000...
Malicious code in bambang-botok80-ruro (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector faf309da09f99d0bccfa2bc82afca8bfc0ff87830677d137ff5e94a9ebde3532 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in fajar-lupis22-sukiwir (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bdc6041bf50cb45247d5e572077a6a83c029c951df81b920b5b90155eceae809 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in redic6504 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f3a1b9e7b905b4f5a129c42e2f309171b6e998ffb1444d86466c7ea8d43c7337 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...