Lucene search
K

7 matches found

OSV
OSV
added 2025/08/14 6:52 p.m.2 views

MAL-2025-27829 Malicious code in npm-download-counts-v2 (npm)

The package npm-download-counts-v2 was found to contain malicious code...

7.2AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/08/14 6:52 p.m.3 views

Malicious code in npm-download-counts-v2 (npm)

The package npm-download-counts-v2 was found to contain malicious code...

7AI score
Exploits0
Node.js
Node.js
added 2021/01/25 1:42 p.m.52 views

Malicious Package

Overview From https://blog.sonatype.com/sonatype-spots-more-discord-malware-in-npm?hspreview=BbDPGbfh-40737456755: The malicious packages were detected by Sonatype’s Security Research Team leveraging Sonatype’s Nexus Intelligence research service. On analyzing these packages closely, our Security...

6.9AI score
Exploits0Affected Software1
Drupal
Drupal
added 2019/02/06 12:0 a.m.14 views

Public Download Count - Less critical - Open Redirect Vulnerability - SA-CONTRIB-2019-012

This module enables you to track download counts of files linked from a Drupal site. Links in Drupal content are rewritten to go through an intermediate page that records download stats and then redirects to the final destination. The module did not verify that the links provided to the...

6.5AI score
Exploits0References6
NVD
NVD
added 2015/04/21 6:59 p.m.13 views

CVE-2015-3389

Cross-site scripting XSS vulnerability in the Download counts report page in the Public Download Count module pubdlcnt 7.x-1.x-dev and earlier for Drupal allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors...

3.5CVSS5.3AI score0.00965EPSS
Exploits0References4
Prion
Prion
added 2015/04/21 6:59 p.m.12 views

Cross site scripting

Cross-site scripting XSS vulnerability in the Download counts report page in the Public Download Count module pubdlcnt 7.x-1.x-dev and earlier for Drupal allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors...

3.5CVSS5.7AI score0.00965EPSS
Exploits0References4Affected Software1
CVE
CVE
added 2015/04/21 6:0 p.m.61 views

CVE-2015-3389

Summary: CVE-2015-3389 affects the Drupal Public Download Count module (pubdlcnt). The vulnerability is an XSS in the Download counts report page in 7.x-1.x-dev and earlier due to insufficient sanitization, allowing remote authenticated users to inject arbitrary web script or HTML via unspecified...

3.5CVSS5.4AI score0.00965EPSS
Exploits0References4Affected Software1
Rows per page
Query Builder