Lucene search

21 matches found

OSSF Malicious Packages
added 2025/11/12 10:25 p.m. | 3 views

Malicious code in lomi-fuis-fsa (npm)

Source: amazon-inspector (14f9d28d081c6c3358e4bdfb9ca5e98d13712ed4573fb2f4489d3c4e3416d769). This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9 AI score
Exploits: 0

EUVD
added 2025/10/07 12:30 a.m. | 3 views

EUVD-2021-2432

Malware in sbrugna...

7.8 CVSS | 7.7 AI score | 0.00477 EPSS
Exploits: 1 | References: 4

Openbugbounty
added 2024/01/10 11:16 a.m. | 3 views

fsa-online.de Cross Site Scripting vulnerability OBB-3830989

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.2 AI score
Exploits: 0

Github Security Blog
added 2021/12/09 7:56 p.m. | 30 views

OS Command Injection in fsa

fsa through 0.5.1 is vulnerable to Command Injection. The first argument of 'execGitCommand', located within 'lib/rep.js:63', can be controlled by users without any sanitization to inject arbitrary commands...

7.8 CVSS | 7.4 AI score | 0.00477 EPSS
Exploits: 1 | References: 4 | Affected Software: 1

vulnersOsv
added 2021/12/09 7:56 p.m. | 2 views

@4players/odin-bot-sdk (>=0.1.0 <=0.4.4), @bhznjns/node-mp3-player (>=1.0.0 <=1.3.3) +39 more potentially affected by CVE-2020-7615 via fsa (>=0.3.1 <=0.5.1)

fsa NPM version =0.3.1, =0.1.0, =1.0.0, =1.0.0, =0.0.5, =0.0.1, =1.0.0, =0.0.1, =0.0.2, =1.2.2, =0.1.0, =1.0.4, =0.1.0, =0.1.0, =1.0.0, =2.0.0 - chiasenhac-music-bot =1.0.0 and more Source cves: CVE-2020-7615 Source advisory: OSV:GHSA-3P94-VJ97-FM4Q...

7.8 CVSS | 7.1 AI score | 0.00477 EPSS
Exploits: 1

Fortinet
added 2021/07/07 12:0 a.m. | 27 views

Command Injection in FSA sniffer module

An instance of improper neutralization of special elements in FortiSandbox's sniffer module may allow an authenticated administrator to execute commands on the underlying system's shell via altering the content of its configuration file...

9 CVSS | 7.2 AI score | 0.00306 EPSS
Exploits: 0 | Affected Software: 1

Veracode
added 2020/04/08 3:19 a.m. | 16 views

OS Command Injection

fsa is vulnerable to OS Command Injection. The vulnerability exists as the first argument of execGitCommand is not sanitized and is subsequently run by exec...

7.8 CVSS | 4.5 AI score | 0.00477 EPSS
Exploits: 1 | References: 1 | Affected Software: 1

OSV
added 2020/04/07 2:15 p.m. | 1 view

CVE-2020-7615

fsa through 0.5.1 is vulnerable to Command Injection. The first argument of 'execGitCommand', located within 'lib/rep.js:63', can be controlled by users without any sanitization to inject arbitrary commands...

7.8 CVSS | 7.2 AI score | 0.00477 EPSS
Exploits: 1 | References: 2

NVD
added 2020/04/07 2:15 p.m. | 9 views

CVE-2020-7615

fsa through 0.5.1 is vulnerable to Command Injection. The first argument of 'execGitCommand', located within 'lib/rep.js:63', can be controlled by users without any sanitization to inject arbitrary commands...

7.8 CVSS | 7.7 AI score | 0.00477 EPSS
Exploits: 1 | References: 2

Prion
added 2020/04/07 2:15 p.m. | 11 views

Command injection

fsa through 0.5.1 is vulnerable to Command Injection. The first argument of 'execGitCommand', located within 'lib/rep.js:63', can be controlled by users without any sanitization to inject arbitrary commands...

4.6 CVSS | 7.6 AI score | 0.00477 EPSS
Exploits: 1 | References: 2 | Affected Software: 1

CVE
added 2020/04/07 1:14 p.m. | 37 views

CVE-2020-7615

The CVE-2020-7615 entry concerns fsa (File system auditor) up to version 0.5.1. Connected sources provide concrete details: the vulnerability is an OS command injection in the first argument to execGitCommand() located in lib/rep.js (line 63). An attacker can supply unsanitized input to inject ar...

7.8 CVSS | 7.6 AI score | 0.00477 EPSS
Exploits: 1 | References: 2 | Affected Software: 1

vulnersOsv
added 2020/04/01 12:0 a.m. | 1 view

@4players/odin-bot-sdk (>=0.1.0 <=0.4.4), @bhznjns/node-mp3-player (>=1.0.0 <=1.3.3) +39 more potentially affected by CVE-2020-7615 via fsa (>=0.3.1 <=0.5.1)

fsa NPM version =0.3.1, =0.1.0, =1.0.0, =1.0.0, =0.0.5, =0.0.1, =1.0.0, =0.0.1, =0.0.2, =1.2.2, =0.1.0, =1.0.4, =0.1.0, =0.1.0, =1.0.0, =2.0.0 - chiasenhac-music-bot =1.0.0 and more Source cves: CVE-2020-7615 Source advisory: SNYK:JS-FSA-564118...

7.8 CVSS | 7.1 AI score | 0.00477 EPSS
Exploits: 1

Snyk
added 2020/04/01 12:0 a.m. | 3 views

Command Injection

Overview: fsa is a File system auditor. Affected versions of this package are vulnerable to Command Injection. The first argument of execGitCommand, located within lib/rep.js:63, can be controlled by users without any sanitization to inject arbitrary commands. PoC: var root = require("fsa"); var...

7.8 CVSS | 5.7 AI score | 0.00477 EPSS
Exploits: 1 | References: 2

seebug.org
added 2014/07/01 12:0 a.m. | 18 views

Php Blue Dragon CMS <= 2.9.1 (template.php) File Include Vulnerability

No description provided by source. Advisory id: FSA:015 | Author: Federico Fazzi | Date: 14/06/2006, 18:20 | Sinthesis: PhpBlueDragon CMS 2.9.1, File inclusion vulnerability | Type: high | Product: http://phpbluedragon.net/ | Patch: unavailable...

7.1 AI score
Exploits: 0

ThreatPost
added 2010/08/25 1:15 a.m. | 10 views

Zurich Insurance Fined Millions in UK

The UK operation of Zurich Insurance has been fined £2.27m by the Financial Services Authority (FSA) for losing personal details of 46,000 customers. It is the highest fine levied on a single firm for data security failings. Read the full article. BBC News...

2.8 AI score
Exploits: 0 | References: 1

Packet Storm
added 2006/06/21 12:0 a.m. | 22 views

FSA-016.txt

Advisory id: FSA:016 | Author: Federico Fazzi | Date: 14/06/2006, 18:57 | Sinthesis: ISPConfig 2.2.3, File inclusion vulnerability | Type: high | Product: http://www.ispconfig.org/ | Patch: unavailable...

7.4 AI score
Exploits: 0

securityvulns
added 2006/06/15 12:0 a.m. | 105 views

PhpBlueDragon CMS 2.9.1, File inclusion vulnerability

Advisory id: FSA:015 | Author: Federico Fazzi | Date: 14/06/2006, 18:20 | Sinthesis: PhpBlueDragon CMS 2.9.1, File inclusion vulnerability | Type: high | Product: http://phpbluedragon.net/ | Patch: unavailable...

0.2 AI score
Exploits: 0

exploitpack
added 2006/06/14 12:0 a.m. | 10 views

PHP Blue Dragon CMS 2.9.1 - template.php File Inclusion

Advisory id: FSA:015 | Author: Federico Fazzi | Date: 14/06/2006, 18:20 | Sinthesis: PhpBlueDragon CMS 2.9.1, File inclusion vulnerability | Type: high | Product: http://phpbluedragon.net/ | Patch:...

7.4 AI score
Exploits: 0

seebug.org
added 2006/06/12 12:0 a.m. | 18 views

DCP-Portal 6.1.x (root) Remote File Include Vulnerability

No description provided by source. Advisory id: FSA:013 | Author: Federico Fazzi | Date: 12/06/2006, 9:31 | Sinthesis: DCP-Portal 6.1.x, Remote command execution | Type: high | Product: http://www.dcp-portal.org/ | Patch: unavailable...

7.1 AI score
Exploits: 0

Packet Storm
added 2006/06/12 12:0 a.m. | 86 views

f_dp-6.1.x.txt

Advisory id: FSA:013 | Author: Federico Fazzi | Date: 12/06/2006, 9:31 | Sinthesis: DCP-Portal 6.1.x, Remote command execution | Type: high | Product: http://www.dcp-portal.org/ | Patch: unavailable | 1...

7.4 AI score
Exploits: 0