7 matches found
MAL-2025-27829 Malicious code in npm-download-counts-v2 (npm)
The package npm-download-counts-v2 was found to contain malicious code...
Malicious code in npm-download-counts-v2 (npm)
The package npm-download-counts-v2 was found to contain malicious code...
Malicious Package
Overview From https://blog.sonatype.com/sonatype-spots-more-discord-malware-in-npm?hspreview=BbDPGbfh-40737456755: The malicious packages were detected by Sonatype’s Security Research Team leveraging Sonatype’s Nexus Intelligence research service. On analyzing these packages closely, our Security...
Public Download Count - Less critical - Open Redirect Vulnerability - SA-CONTRIB-2019-012
This module enables you to track download counts of files linked from a Drupal site. Links in Drupal content are rewritten to go through an intermediate page that records download stats and then redirects to the final destination. The module did not verify that the links provided to the...
CVE-2015-3389
Cross-site scripting XSS vulnerability in the Download counts report page in the Public Download Count module pubdlcnt 7.x-1.x-dev and earlier for Drupal allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors...
Cross site scripting
Cross-site scripting XSS vulnerability in the Download counts report page in the Public Download Count module pubdlcnt 7.x-1.x-dev and earlier for Drupal allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors...
CVE-2015-3389
Summary: CVE-2015-3389 affects the Drupal Public Download Count module (pubdlcnt). The vulnerability is an XSS in the Download counts report page in 7.x-1.x-dev and earlier due to insufficient sanitization, allowing remote authenticated users to inject arbitrary web script or HTML via unspecified...