1621 matches found
Malicious Package
Overview mapkit-example-vue is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...
Malicious code in mapkit-example-vue (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a99b2a1b5d1181c18ff26056481018d107fc6fc38df563e0d7fba6aa44b7cd51 The package mapkit-example-vue was found to contain malicious code. Source: ghsa-malware...
Malicious code in mapkit-example-svelte (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f7e50c0bfa7ac259128381d1495bc907b68e4721214789ed3316c0a57e387175 The package mapkit-example-svelte was found to contain malicious code. Source: ghsa-malware...
MAL-2026-523 Malicious code in mapkit-example-svelte (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f7e50c0bfa7ac259128381d1495bc907b68e4721214789ed3316c0a57e387175 The package mapkit-example-svelte was found to contain malicious code. Source: ghsa-malware...
MAL-2026-524 Malicious code in mapkit-example-vue (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a99b2a1b5d1181c18ff26056481018d107fc6fc38df563e0d7fba6aa44b7cd51 The package mapkit-example-vue was found to contain malicious code. Source: ghsa-malware...
Malicious Package
Overview mapkit-example-svelte is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...
Exploit for CVE-2026-24061
CVE-2...
Malicious Package
Overview mapkit-example-vanillajs is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this...
Exploit for CVE-2014-0075
CVE-2014-0075PoC T...
CVE-2012-10064
Omni Secure Files plugin versions prior to 0.1.14 contain an arbitrary file upload vulnerability in the bundled plupload example endpoint. The /wp-content/plugins/omni-secure-files/plupload/examples/upload.php handler allows unauthenticated uploads without enforcing safe file type restrictions,...
MAL-2026-327 Malicious code in mapkit-example-vanillajs (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5930ccf1bb06110abd9daaa0441059f428ee853e926572c4c9416ba959401d53 The package mapkit-example-vanillajs was found to contain malicious code. Source: ghsa-malware...
Malicious code in mapkit-example-vanillajs (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5930ccf1bb06110abd9daaa0441059f428ee853e926572c4c9416ba959401d53 The package mapkit-example-vanillajs was found to contain malicious code. Source: ghsa-malware...
CVE-2012-10064
Omni Secure Files WordPress plugin versions before 0.1.14 contain an unauthenticated arbitrary file upload vulnerability in the bundled plupload example endpoint (upload.php). The handler does not enforce safe file type restrictions, allowing attacker-controlled files to be uploaded to the plugin...
PT-2026-3315
Omni Secure Files plugin versions prior to 0.1.14 contain an arbitrary file upload vulnerability in the bundled plupload example endpoint. The /wp-content/plugins/omni-secure-files/plupload/examples/upload.php handler allows unauthenticated uploads without enforcing safe file type restrictions,...
CVE-2025-23808
Cross-Site Request Forgery CSRF vulnerability in Dutch van Andel Custom List Table Example custom-list-table-example allows Reflected XSS.This issue affects Custom List Table Example: from n/a through = 1.4.1...
Resolutions, shmesolutions (and what’s actually worked for me)
Welcome to this week's edition of the Threat Source newsletter. I went to bed at 8:30 p.m. on New Year's Eve, and I think that's pretty indicative of how I approach the whole idea of New Year's resolutions. I love to count down to the new year with loved ones as much as the next person, but I hav...
Malicious code in hello-world-npm-demo-example (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1b3d59e455a083fe1d90b99dc29e2b1d207b769331e331fd1e01a28e2a1e7060 The package hello-world-npm-demo-example was found to contain malicious code. Source: ghsa-malware...
CVE-2025-15109
A flaw has been found in jackq XCMS up to 3fab5342cc509945a7ce1b8ec39d19f701b89261. This impacts an unknown function of the file Public/javascripts/admin/plupload-2.1.2/examples/upload.php. This manipulation causes unrestricted upload. It is possible to initiate the attack remotely. The exploit h...
CVE-2025-15109 jackq XCMS upload.php unrestricted upload
A flaw has been found in jackq XCMS up to 3fab5342cc509945a7ce1b8ec39d19f701b89261. This impacts an unknown function of the file Public/javascripts/admin/plupload-2.1.2/examples/upload.php. This manipulation causes unrestricted upload. It is possible to initiate the attack remotely. The exploit h...
XCMS 代码问题漏洞
XCMS is a CMS website builder system by JackQ individual developers. A code issue vulnerability exists in XCMS, which stems from an incorrect operation of the file Public/javascripts/admin/plupload-2.1.2/examples/upload.php, which could lead to unlimited uploads...