6 matches found
EUVD-2025-179418
Malicious code in daemon-epsilon-hash-link-slow npm...
Malicious code in daemon-epsilon-hash-link-slow (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1247ea1f9679d0a4af4536122840c9b4be02d663783f7a7a4e4a006907deb9b3 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Shopware信息泄露漏洞
Shopware is an open source e-commerce platform. An unauthorized access vulnerability exists in Shopware versions prior to 6.4.1.1. An attacker can exploit the vulnerability to gain direct access to private files stored at a cloud storage provider with a known hash url...
CVE-2019-11488
Incorrect Access Control in the Account Access / Password Reset Link in SimplyBook.me Enterprise before 2019-04-23 allows Unauthorized Attackers to READ/WRITE Customer or Administrator data via a persistent HTTP GET Request Hash Link Replay, as demonstrated by a login-link from the browser histor...
Improper access control
Incorrect Access Control in the Account Access / Password Reset Link in SimplyBook.me Enterprise before 2019-04-23 allows Unauthorized Attackers to READ/WRITE Customer or Administrator data via a persistent HTTP GET Request Hash Link Replay, as demonstrated by a login-link from the browser histor...
CVE-2019-11488
Incorrect Access Control in the Account Access / Password Reset Link in SimplyBook.me Enterprise before 2019-04-23 allows Unauthorized Attackers to READ/WRITE Customer or Administrator data via a persistent HTTP GET Request Hash Link Replay, as demonstrated by a login-link from the browser histor...