Lucene search
K

6 matches found

OSSF Malicious Packages
OSSF Malicious Packages
added 2026/04/24 1:35 a.m.10 views

Malicious code in amplitude-ma-ts (npm)

npm stealer. Hardcoded Discord webhook id 1497047226428690432 in postinstall Folder/bin/S.js. Exfils hostname, whoami, pwd, publicip api.ipify.org, /etc/hosts via Discord embed. v1.0.21 empty placeholder, v1.0.22 shipped payload — name-squat-then-poison. Typosquats @amplitude/ analytics scope...

5.8AI score
Exploits0
Openbugbounty
Openbugbounty
added 2017/11/01 4:13 p.m.13 views

ip-address-lookup-v4.com XSS vulnerability

Open Bug Bounty ID: OBB-385141 Description| Value ---|--- Affected Website:| ip-address-lookup-v4.com Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Remediation Guide:| OWASP XSS Preventio...

6.3AI score
Exploits0
OSV
OSV
added 2013/07/21 8:18 p.m.4 views

MGASA-2013-0228 Updated squid packages fix security vulnerabilities

Due to incorrect data validation Squid is vulnerable to a buffer overflow attack when processing specially crafted HTTP requests. This problem allows any trusted client or client script who can generate HTTP requests to trigger a buffer overflow in Squid, resulting in a termination of the Squid...

7.5CVSS8.8AI score0.80451EPSS
Exploits0References6
NVD
NVD
added 2007/03/06 1:19 a.m.19 views

CVE-2006-7122

Cross-site scripting XSS vulnerability in the IP Address Lookup functionality in BSQ Sitestats component for Joomla 1.8.0, and possibly other versions before 2.2.1, allows remote attackers to inject arbitrary web script and HTML via the ip parameter...

6.8CVSS5.9AI score0.01182EPSS
Exploits0References5
Cvelist
Cvelist
added 2007/03/06 1:0 a.m.25 views

CVE-2006-7122

Cross-site scripting XSS vulnerability in the IP Address Lookup functionality in BSQ Sitestats component for Joomla 1.8.0, and possibly other versions before 2.2.1, allows remote attackers to inject arbitrary web script and HTML via the ip parameter...

5.9AI score0.01182EPSS
Exploits0References5
CVE
CVE
added 2007/03/06 1:0 a.m.52 views

CVE-2006-7122

CVE-2006-7122 is a cross-site scripting (XSS) issue in the IP Address Lookup of BSQ Sitestats for Joomla. Affects 1.8.0 and possibly earlier versions; vulnerable parameter: ip. Exploitation could inject arbitrary script/HTML. Remediation: upgrade to a version containing the fix (2.2.1) or apply t...

6.8CVSS6.1AI score0.01182EPSS
Exploits0References5Affected Software1
Rows per page
Query Builder