5 matches found
Malicious code in capacitybot-cf-nodejs-fct (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware f5b42f3b06d0df2c9f6aae3bfb77770c06bbe2113bc58d1516d24cb876fb1aa3 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2022-1825 Malicious code in capacitybot-cf-nodejs-fct (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware f5b42f3b06d0df2c9f6aae3bfb77770c06bbe2113bc58d1516d24cb876fb1aa3 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
FortiClientEMS & FortiClient - Telemetry protocol is vulnerable to a MitM Vulnerability
A combination of a use of hard-coded cryptographic key vulnerability CWE-321 in FortiClientEMS and an improper certificate validation vulnerability CWE-297 in FortiClientWindows, FortiClientLinux and FortiClientMac may allow an unauthenticated and network adjacent attacker to perform a...
Cross site scripting
Cross-site scripting XSS vulnerability in modules/system/admin.php in XOOPS 2.0.18.1 allows remote attackers to inject arbitrary web script or HTML via the fct parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...
CVE-2008-3295
Cross-site scripting XSS vulnerability in modules/system/admin.php in XOOPS 2.0.18.1 allows remote attackers to inject arbitrary web script or HTML via the fct parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...