1294 matches found
Privilege Escalation due to Blind NoSQL Injection
Overview Versions of flintcms before version 1.1.10 are vulnerable to account takeover due to blind MongoDB injection in the password reset. Recommendation Update to version 1.1.10 or later. References - HackerOne Report - GitHub Advisory...
Malicious Package
Overview All versions of soket.io are considered malicious. The package is malware designed to take advantage of users making a mistake when typing the name of a module to install. When executed, the package calls home to a Command and Control server to execute arbitrary commands. Recommendation...
Malicious Package
Overview All versions of regenrator are considered malicious. The package is malware designed to take advantage of users making a mistake when typing the name of a module to install. When executed, the package calls home to a Command and Control server to execute arbitrary commands. Recommendatio...
Malicious Package
Overview All versions of regenraotr are considered malicious. The package is malware designed to take advantage of users making a mistake when typing the name of a module to install. When executed, the package calls home to a Command and Control server to execute arbitrary commands. Recommendatio...
CVE-2017-16226
creationtimestamp| type| source ---|---|--- 2018-08-06 21:37:06+00:00| published-proof-of-concept| https://github.com/advisories/GHSA-5mjw-6jrh-hvfq...
Arbitrary File Write via Archive Extraction
Overview Versions of adm-zip before 0.4.9 are vulnerable to arbitrary file write when used to extract a specifically crafted archive that contains path traversal filenames ../../file.txt for example. Recommendation Update to version 0.4.9 or later. References - GitHub Pull Request - Zip Slip...
Arbitrary File Write via Archive Extraction
Overview Versions of unzipper before 0.8.13 are vulnerable to arbitrary file write when used to extract a specifically crafted archive that contains path traversal filenames ../../file.txt for example. Recommendation Update to version 0.3.18 or later. References - GitHub Pull Request - Zip Slip...
Path Traversal
Overview Versions of express-cart before 1.1.7 are vulnerable to Path Traversal. Recommendation Update to version 1.1.7 or later. References - HackerOne Report - GitHub Advisory...
CVE-2017-16030
creationtimestamp| type| source ---|---|--- 2018-07-24 19:59:13+00:00| published-proof-of-concept| https://github.com/advisories/GHSA-pjmx-9xr3-82qr...
CVE-2017-16010
creationtimestamp| type| source ---|---|--- 2018-07-24 19:58:33+00:00| published-proof-of-concept| https://github.com/advisories/GHSA-cmh5-qc8w-xvcq...
CVE-2017-16082
creationtimestamp| type| source ---|---|--- 2018-07-24 19:44:42+00:00| published-proof-of-concept| https://github.com/advisories/GHSA-wc9v-mj63-m9g5...
CVE-2017-16088
creationtimestamp| type| source ---|---|--- 2018-07-18 18:28:10+00:00| published-proof-of-concept| https://github.com/advisories/GHSA-ww6v-677g-p656...
CVE-2016-10548
creationtimestamp| type| source ---|---|--- 2018-06-07 19:43:06+00:00| published-proof-of-concept| https://github.com/advisories/GHSA-4662-j96g-mv46...
Information Exposure on Case Insensitive File Systems
Overview Versions of serve before 7.0.0 are vulnerable to information exposure, bypassing the ignore security control, but only on case insensitive file systems. Recommendation Update to version 7.0.0 or later. References - HackerOne Report - GitHub Advisory...
Cross-Site Scripting
Overview All versions of sexstatic are vulnerable to stored cross-site scripting xss. This is exploitable if an attacker can control a filename that is served by sexstatic. Recommendation As there is no fix is currently available for this vulnerability it is our recommendation to not install or...
Command Injection
Overview Versions of pdf-image before 2.0.0 are vulnerable to command injection. This vulnerability is exploitable if the attacker has control over the pdfFilePath variable passed into pdf-image. Recommendation Update to version 2.0.0 or later. References - HackerOne Report - GitHub Advisory...
Cross-Site Scripting
Overview All versions of react-marked-markdown are vulnerable to cross-site scripting XSS via href attributes. This is exploitable if user is provided to react-marked-markdown Proof of concept: import React from 'react' import ReactDOM from 'react-dom' import MarkdownPreview from...
Command Injection
Overview All versions of buttle are vulnerable to command injection. Remote command execution is possible when buttle is run with the --php-bin flag. Recommendation No fix is currently available for this vulnerability. It is our recommendation to not install or use this module at this time...
SQL Injection
Overview All versions of query-mysql are vulnerable to SQL injection due to lack of user input sanitization allows to run arbitrary SQL queries when fetching data from database. Recommendation No fix is currently available for this vulnerability. It is our recommendation to not install or use thi...
Command Injection
Overview All versions of fs-path are vulnerable to command injection is unsanitized user input is passed in. Recommendation No fix is currently available for this vulnerability. It is our recommendation to not install or use this module until a fix is available. References - HackerOne Report -...