4 matches found
Malicious code in selfish_moose_replicate_automation (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 503c46fff451c3667a34e4a151cbc230ab757b324b6507312034fc28e1f0bffd This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
CTERA 3.2.29.0 and 3.2.42.0 - Stored XSS
No description provided by source. 恶意用户可以修改项目文件夹描述进行XSS攻击和HTML注入(添加链接、图片和按钮等)。 因为项目文件夹时被不同用户共享,该漏洞可以用来抓取会话cookie。 创建一个项目文件夹并添加下面的描述(根据版本修改特定路径):...
Acc Auto Dealer Script v5.0 Persistent XSS and SQL Backup
No description provided by source. Vendor : http://www.accscripts.com/autos/download.html Version: 5.0 /\ == \ /\ \ /\ \ \ \ \ \ \ \ \ /\ \ \ \ \ \ \ \ // // // 01000010 01101001 01001111 ---------------------------------------------------------------- + Acc Auto Dealer Script Persistent XSS...
CVE-2003-0303
SQL injection vulnerability in one||zero aka One or Zero Helpdesk 1.4 rc4 allows remote attackers to modify arbitrary ticket number descriptions via the sg parameter...