Malicious code in npm-scrapper-faris (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 5ff29440d7ea5c240dc8376e18b662318b42eee0fdcdf7aa00c931bb46371416 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-3884 Malicious code in ephoto-api-faris (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 5ab94a5cdc5abc193f41c8ec94e6c008b88ec7e5121bfd6b73b514f6664a946f Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-3911 Malicious code in npm-scrapper-faris (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 5ff29440d7ea5c240dc8376e18b662318b42eee0fdcdf7aa00c931bb46371416 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

faris.co.th Cross Site Scripting vulnerability OBB-2546724

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

am4ss Support System 1.2 PHP Code Injection Exploit

No description provided by source. ? / + Title : Am4ss = 1.2 , PHP Code Injection | Download : am4ss.com | Tested on: Windows xp sp3 , CentOs | Author : Faris , aka i-Hmx | [email protected] + sec4ever.com , 1337s.cc Time line : 10/2011 , Vulnerability discovered till now , i haven't reported the...

Hloun Support Management System 3.0 SQL Injection / Bypass

fixhashuser$COOKIE'onlineadmin'; $userquery = "SELECT FROM member WHERE username='".$memberhash'username'."' AND password='".$memberhash'password'."'"; $member = $hloun-db-fetcharray$userquery; $groupquery = "SELECT FROM group WHERE id='".$member'group'."'"; $group =...

Elastix 2.3 PHP Code Injection Vulnerability

Elastix versions prior to 2.4 php code injection exploit. ? / Exploit Title : Elastix 2.3 , Remote Command Execution Exploit Google Dork : WTF!!!! Version: Elastix All versions below 2.3 , Newer versions maybe affected as well ; Tested on: CentOS CVE : notyet Download Vuln software : elastix.org...

PBBoard 2.1.4 Authentication Bypass / Admin Add Exploit

Exploit for php platform in category web applications 14/7/2012 , Vulnerability discovered 30/7/2012 , Vendor Reported 31/7/2012 , patch released 01/8/2012 , Public disclosure engine/engine.class.php $this-CONF'adminusernamecookie' = 'PowerBBadminusername'; $this-CONF'adminpasswordcookie' =...

am4ss Support System 1.2 PHP Code Injection Exploit

Exploit for php platform in category web applications 10/2011 , Vulnerability discovered till now , i haven't reported the vendor , why!!! The idiot backdoored it by himself + the official site is fucked up ; 19/07/2012 , Public Disclosured C:\labphp am4ss.php localhost /lab/am4ss/...

am4ss Support System 1.2 - PHP Code Injection

am4ss Support System 1.2 - PHP Code Injection 10/2011 , Vulnerability discovered till now , i haven't reported the vendor , why!!! The idiot backdoored it by himself + the official site is fucked up ; 19/07/2012 , Public Disclosured C:\labphp am4ss.php localhost /lab/am4ss/...