668 matches found
PT-2025-51229
Name of the Vulnerable Software and Affected Versions Fox LMS – WordPress LMS Plugin versions prior to 1.0.5.1 Description The Fox LMS – WordPress LMS Plugin does not properly validate the role parameter when creating new users via the /fox-lms/v1/payments/create-order API endpoint. This allows...
WordPress plugin Fox LMS – WordPress LMS Plugin 输入验证错误漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plug-in. WordPress...
Exploit for CVE-2025-6980
Arista NGFW Sensitive Information Disclosure Check Arista NGF...
Silver Fox Uses Fake Microsoft Teams Installer to Spread ValleyRAT Malware in China
The threat actor known as Silver Fox has been spotted orchestrating a false flag operation to mimic a Russian threat group in attacks targeting organizations in China. The search engine optimization SEO poisoning campaign leverages Microsoft Teams lures to trick unsuspecting users into downloadin...
MAL-2025-139110 Malicious code in weekly-salmon-fox (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 90ca9e3154061e65e59397c2c22e3fa9f87ba126a97e979ecede3258c4166596 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2025-116992
Malicious code in weekly-salmon-fox npm...
FoxCMS Cross-Site Scripting Vulnerability
FoxCMS is a free commercial open source content management system from China Qianxu FoxCMS. FoxCMS 1.2.16 and previous versions of the existence of cross-site scripting vulnerability, the vulnerability stems from the file app/admin/controller/Product.php parameter Title on the user-provided data...
Malicious code in established_fox_z3n (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9e2d21ea766122942bf5e931f4348ef567a71ceb775c21bf8ed5e780c98670be This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2025-102972
Malicious code in properfoxz3n npm...
EUVD-2025-104497
Malicious code in innerfoxz3n npm...
EUVD-2025-95106
Malicious code in shiveringfoxz3n npm...
EUVD-2025-106033
Malicious code in commonfoxz3n npm...
EUVD-2025-74561
Malicious code in hungryfoxgreen-61 npm...
EUVD-2025-74252
Malicious code in shinyfoxamaranth-13 npm...
EUVD-2025-74846
Malicious code in brightfoxsilver-92 npm...
EUVD-2025-74721
Malicious code in dustyfoxamber-42 npm...
MAL-2025-109349 Malicious code in surprising_fox-appteadev (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7ffb767bd7df5ca4c6f921c108a23d09cfe46bd701d22b10dc8da76c1a6a4cb1 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2025-75490
Malicious code in surprisingfox-appteadev npm...
EUVD-2025-79199
Malicious code in freefoxz3n npm...
EUVD-2025-79501
Malicious code in criticalfoxz3n npm...