3 matches found
Malicious code in @pluxee-connect/account-db-api-client (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 49a36af66b1c55fbf7a78529c1fe2d15b819cef018300a03cdc8e0a1b59f36c9 Version 99.0.0 of this package targets an internal-looking npm scope and ships a postinstall.js that, on every npm install, reads os.hostname,...
CVE-2023-39289
A vulnerability in the Connect Mobility Router component of Mitel MiVoice Connect through 9.6.2208.101 could allow an unauthenticated attacker to conduct an account enumeration attack due to improper configuration. A successful exploit could allow an attacker to access system information...
Telenor.com.pk SMS 2-Factor Bypass
Title: Telenor.com.pk Connect Account SMS PIN Redirection Author: Muhammad Shahbaz LinkedIn: https://www.linkedin.com/in/mr-muhammad-shahbaz/ Found: 2019-04-01 Attack Pattern: Telenor.com.pk Connect Account has a fundamental design flaw where the client can send a random telenor phone number...