6 matches found
MAL-2026-5727 Malicious code in vite-config-optimizer (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f824c077d7d2705d17dc29eba9a24ea8b51b93785bcf83fdfe639fc8f9bc581f package.json declares a postinstall hook node -e "require'./loader.js'" that auto-executes on every npm install. loader.js spawns a detached child No...
Malicious code in webpack-cache-cycle (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 82fa37e2478a7109e376e3a062ccb203806511033930eb7390e45fe7ef404b81 On npm install, package.json's postinstall hook runs node -e "require'./loader.js'". loader.js spawns a detached node process that decodes a...
CVE-2004-1517
Zone Labs IMsecure and IMsecure Pro before 1.5 allow remote attackers to bypass Active Link Filtering via an instant message containing a URL with hex encoded file extensions...
SimpleServer:WWW 1.0.71.0.81.13 - Hex Encoded URL Directory Traversal
SimpleServer:WWW 1.0.71.0.81.13 - Hex Encoded URL Directory Traversal source: https://www.securityfocus.com/bid/3112/info SimpleServer:WWW is a freely available HTTP daemon available from AnalogX. It is designed for simplicity of operation. A problem with the web server could allow a remote user ...
SimpleServer:WWW 1.0.7/1.0.8/1.13 - Hex Encoded URL Directory Traversal
source: https://www.securityfocus.com/bid/3112/info SimpleServer:WWW is a freely available HTTP daemon available from AnalogX. It is designed for simplicity of operation. A problem with the web server could allow a remote user to execute arbitrary commands, and potentially gain local access to th...
T. Hauck Jana Server 1.451.46 - Hex Encoded Directory Traversal
T. Hauck Jana Server 1.451.46 - Hex Encoded Directory Traversal source: https://www.securityfocus.com/bid/2703/info It is possible for a remote user to traverse the directories of a host running Jana Server. Submitting a specially crafted URL using hex encoded 'double dot' sequences will reveal...