CZ Loan Management <= 1.1 - SQL Injection

The CZ Loan Management WordPress plugin through 1.1 does not properly sanitise and escape a parameter before using it in a SQL statement via an AJAX action available to unauthenticated users, leading to a SQL injection. id: CVE-2024-5975 info: name: CZ Loan Management = 1.1 - SQL Injection author...

CVE-2026-42748

Unrestricted Upload of File with Dangerous Type vulnerability in WPify WPify Woo Czech wpify-woo allows Upload a Web Shell to a Web Server.This issue affects WPify Woo Czech: from n/a through = 5.4.1...

CVE-2026-49943

CZ.NIC BIRD Internet Routing Daemon through 2.19.0 contains a stack-based buffer overflow in the BGP ASPATH mask matching implementation in nest/a-path.c. The aspathmatch function uses a fixed-size stack array of 2048 + 1 pmpos entries, while parsepath expands ASPATH segments from a received BGP...

EUVD-2025-178548

Malicious code in hercules-css-minimizer-webpack-plugin-cz-conventional-changelog-dorado npm...

EUVD-2025-177811

Malicious code in miranda-fomalhaut-apollo-cz-conventional-changelog npm...

EUVD-2025-179339

Malicious code in deneb-bellatrix-eridanus-cz-conventional-changelog npm...

EUVD-2025-179429

Malicious code in cz-conventional-changelog-blitz-steganography-lacerta npm...

EUVD-2025-179424

Malicious code in cz-conventional-changelog-stop-readable-mutation npm...

EUVD-2025-178708

Malicious code in glaciology-wormhole-cz-conventional-changelog-oauth npm...

EUVD-2025-179427

Malicious code in cz-conventional-changelog-ora-rehype-xanadu npm...

Malicious code in cz-conventional-changelog-stop-readable-mutation (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 409af1f40cee40b2159b3a8d5e2b0d4416b25c8e18bff01a890829e0bb75d7af This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-177959

Malicious code in markdown-cz-conventional-changelog-link-proxima npm...

EUVD-2025-114692

Malicious code in cz-conventional-changelog-dotenv-parse-variables-optimize-css-assets-webpack-plugin-elektra npm...

EUVD-2025-114694

Malicious code in cz-conventional-changelog-comet-prompts-link npm...

EUVD-2025-114996

Malicious code in cors-aldebaran-aldebaran-cz-conventional-changelog npm...

EUVD-2025-114682

Malicious code in cz-conventional-changelog-private-superagent-module npm...

EUVD-2025-114687

Malicious code in cz-conventional-changelog-kastra-procyon-ganymede npm...

EUVD-2025-122470

Malicious code in rimraf-leda-proxima-cz-conventional-changelog npm...

EUVD-2025-114675

Malicious code in cz-conventional-changelog-subscription-loopback-titan npm...

EUVD-2025-122313

Malicious code in sagitta-polaris-markdownlint-cz-conventional-changelog npm...