Lucene search
K

4 matches found

Snyk
Snyk
added 2025/09/15 7:39 a.m.2 views

Embedded Malicious Code

Overview Affected versions of this package are vulnerable to Embedded Malicious Code. Compromised versions of this package contain a file called bundle.js that exfiltrates secrets from the user's accounts, including credentials and API tokens. It also downloads malicious files and repackages them...

9.8CVSS7AI score
Exploits0References2
Cvelist
Cvelist
added 2023/11/23 8:37 a.m.27 views

CVE-2023-28813

An attacker could exploit a vulnerability by sending crafted messages to computers installed with this plug-in to modify plug-in parameters, which could cause affected computers to download malicious files...

8.1CVSS8.1AI score0.00627EPSS
Exploits0References1
Prion
Prion
added 2020/12/09 5:15 p.m.19 views

Open redirect

SAP Solution Manager Trace Analysis, version - 720, allows for misuse of a parameter in the application URL leading to Open Redirect vulnerability, an attacker can enter a link to malicious site which could trick the user to enter credentials or download malicious software, as a parameter in the...

5.8CVSS6.2AI score0.02338EPSS
Exploits1References4Affected Software1
Hacker One
Hacker One
added 2018/09/27 4:46 p.m.43 views

Chaturbate: Missing CSRF Protection in /stats EndPoint.

EndPoint /affiliates/stats. doesnot verify the CSRF Tokens Steps To Reproduce: 1. Login with the your account 2. Navigate to the URL https://chaturbate.com/affiliates/stats.. 3. Check the stats in default its todays date or this week in select period. 4. Intercept the request and change the...

0.4AI score
Exploits0
Rows per page
Query Builder