MAL-2026-1029 Malicious code in geocommunes-geoportal (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 818beaf9a2c40fe1d288ab5f872c124eb851c191110b30d222a884e0cbec50b5 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

Malicious code in geocommunes-geoportal (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 818beaf9a2c40fe1d288ab5f872c124eb851c191110b30d222a884e0cbec50b5 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

EUVD-2024-48008

Malicious code in bioql PyPI...

CVE-2024-6450

HyperView Geoportal Toolkit in versions lower than 8.5.0 is vulnerable to Reflected Cross-Site Scripting XSS. An unauthenticated attacker might trick somebody into using a crafted URL, which will cause a script to be run in user's browser...

CVE-2024-6449

HyperView Geoportal Toolkit in versions lower than 8.5.0 does not restrict cross-domain requests when fetching remote content pointed by one of GET request parameters. An unauthenticated remote attacker can prepare links, which upon opening will load scripts from a remote location controlled by t...

CVE-2024-6450

HyperView Geoportal Toolkit in versions lower than 8.5.0 is vulnerable to Reflected Cross-Site Scripting XSS. An unauthenticated attacker might trick somebody into using a crafted URL, which will cause a script to be run in user's browser...

CVE-2024-6449

HyperView Geoportal Toolkit in versions lower than 8.5.0 does not restrict cross-domain requests when fetching remote content pointed by one of GET request parameters. An unauthenticated remote attacker can prepare links, which upon opening will load scripts from a remote location controlled by t...

CVE-2024-6450 Reflected XSS in HyperView Geoportal Toolkit

HyperView Geoportal Toolkit in versions lower than 8.5.0 is vulnerable to Reflected Cross-Site Scripting XSS. An unauthenticated attacker might trick somebody into using a crafted URL, which will cause a script to be run in user's browser...

CVE-2024-6450

CVE-2024-6450 affects HyperView Geoportal Toolkit

CVE-2024-6450 Reflected XSS in HyperView Geoportal Toolkit

HyperView Geoportal Toolkit in versions lower than 8.5.0 is vulnerable to Reflected Cross-Site Scripting XSS. An unauthenticated attacker might trick somebody into using a crafted URL, which will cause a script to be run in user's browser...

CVE-2024-6449 Arbitrary cross-domain file inclusion in HyperView Geoportal Toolkit

HyperView Geoportal Toolkit in versions lower than 8.5.0 does not restrict cross-domain requests when fetching remote content pointed by one of GET request parameters. An unauthenticated remote attacker can prepare links, which upon opening will load scripts from a remote location controlled by t...

CVE-2024-6449

HyperView Geoportal Toolkit (versions

PT-2024-37637 · Unknown · Hyperview Geoportal Toolkit

Name of the Vulnerable Software and Affected Versions: HyperView Geoportal Toolkit versions prior to 8.2.4 Description: The issue concerns a Reflected Cross-Site Scripting XSS vulnerability. An unauthenticated attacker could trick someone into using a crafted URL, which will cause a script to be...

HyperView Geoportal Toolkit 安全漏洞

HyperView Geoportal Toolkit is a Map application in a web browser from HyperView, Inc. A security vulnerability exists in HyperView Geoportal Toolkit version 8.2.4 and prior versions, which stems from susceptibility to a reflective cross-site scripting attack in which an unauthenticated attacker...

HyperView Geoportal Toolkit 安全漏洞

HyperView Geoportal Toolkit is a Map application in a Web browser from HyperView, Inc. A security vulnerability exists in HyperView Geoportal Toolkit version 8.2.4 and prior versions, which arises from an unrestricted cross-domain request for remote content pointed to by a GET request parameter,...

PT-2024-37636 · Unknown · Hyperview Geoportal Toolkit

Name of the Vulnerable Software and Affected Versions: HyperView Geoportal Toolkit versions prior to 8.5.0 Description: The issue allows an unauthenticated remote attacker to prepare links that, when opened, will load scripts from a remote location controlled by the attacker and execute them in t...

geoportal-lkl.de XSS vulnerability

Open Bug Bounty ID: OBB-695307 Description| Value ---|--- Affected Website:| geoportal-lkl.de Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| hidden until disclosure Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| hidden...

serbia.gdi.net XSS vulnerability

Open Bug Bounty ID: OBB-656454 Description| Value ---|--- Affected Website:| serbia.gdi.net Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

pearl.wb.tu-harburg.de XSS vulnerability

Open Bug Bounty ID: OBB-656417 Description| Value ---|--- Affected Website:| pearl.wb.tu-harburg.de Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

geoportal.uriit.ru XSS vulnerability

Open Bug Bounty ID: OBB-656191 Description| Value ---|--- Affected Website:| geoportal.uriit.ru Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...