4 matches found
MAL-2022-2583 Malicious code in dpgs (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 7341387ac97a15d46f4b34475f154efe8db505fbbc54d24e0deb37631a79534b Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in dpgs (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 7341387ac97a15d46f4b34475f154efe8db505fbbc54d24e0deb37631a79534b Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
CVE-2002-1411
CVE-2002-1411 concerns a directory traversal vulnerability in the Duma Photo Gallery System (DPGS) 0.99.4, reported as affecting the update.dpgs endpoint. The vulnerability arises from insufficient validation of the id parameter, allowing remote attackers to read arbitrary files via .. (dot dot) ...
DPGS allows any file to be overwritten
Taken from the scripts website: "WARNING: DPGS is no longer maintained and is thus discontinued. If you would like to take over its development, email me. - July 30, 2000" This is the reasoning to why I did not contact the author prior to this email. This is an example of how bad input filtering...