MAL-2026-1260 Malicious code in webmd-url (npm)

Package exfiltrates data via pre/postinstall scripts, and has a suspicious main entrypoint targeting MongoDB configurations. Package extracts data like username, hostname and current working directory and sends it to malicious domain http://4v6heh2m.requestrepo.com/depconf/webmd-url/ --- -= Per...

NesterSoft WorkTime 安全漏洞

NesterSoft WorkTime is a project tracking software developed by the Canadian company NesterSoft. NesterSoft WorkTime has a security vulnerability that stems from unauthorized inspections, which may lead to the resetting of database configurations...

PT-2025-43951

An issue was discovered in eTimeTrackLite Web thru 12.0 20250704. There is a permission control flaw that allows unauthorized attackers to access specific routes and modify database connection configurations...

EUVD-2019-8215

Malware in sbrugna...

Arbitrary File Read Vulnerability in Blue Route Blog System

Shenzhen Blue Route Technology Co., Ltd, provides cloud computing products, cloud computing solutions, enterprise cloud application software, etc., is committed to providing customers with professional cloud services. Blue Route blog system there is an arbitrary file reading vulnerability,...

Weak Password Vulnerability in Isthmus Electronic Document Security Management System

Electronic document security management system referred to as: CDG is an electronic document security protection software. Document security management system background configuration system there is a default password, the attacker can enter the background through the default password to obtain...

IBM UrbanCode Deploy Information Disclosure Vulnerability (CNVD-2018-18006)

IBM UrbanCode Deploy UCD is a set of application automation deployment tools from IBM in the United States. The tool is based on an application deployment automation management information model, and through remote agent technology, to realize the complex application in different environments, su...