6 matches found
Malicious code in amplitude-ma-ts (npm)
npm stealer. Hardcoded Discord webhook id 1497047226428690432 in postinstall Folder/bin/S.js. Exfils hostname, whoami, pwd, publicip api.ipify.org, /etc/hosts via Discord embed. v1.0.21 empty placeholder, v1.0.22 shipped payload — name-squat-then-poison. Typosquats @amplitude/ analytics scope...
ip-address-lookup-v4.com XSS vulnerability
Open Bug Bounty ID: OBB-385141 Description| Value ---|--- Affected Website:| ip-address-lookup-v4.com Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Remediation Guide:| OWASP XSS Preventio...
MGASA-2013-0228 Updated squid packages fix security vulnerabilities
Due to incorrect data validation Squid is vulnerable to a buffer overflow attack when processing specially crafted HTTP requests. This problem allows any trusted client or client script who can generate HTTP requests to trigger a buffer overflow in Squid, resulting in a termination of the Squid...
CVE-2006-7122
Cross-site scripting XSS vulnerability in the IP Address Lookup functionality in BSQ Sitestats component for Joomla 1.8.0, and possibly other versions before 2.2.1, allows remote attackers to inject arbitrary web script and HTML via the ip parameter...
CVE-2006-7122
Cross-site scripting XSS vulnerability in the IP Address Lookup functionality in BSQ Sitestats component for Joomla 1.8.0, and possibly other versions before 2.2.1, allows remote attackers to inject arbitrary web script and HTML via the ip parameter...
CVE-2006-7122
CVE-2006-7122 is a cross-site scripting (XSS) issue in the IP Address Lookup of BSQ Sitestats for Joomla. Affects 1.8.0 and possibly earlier versions; vulnerable parameter: ip. Exploitation could inject arbitrary script/HTML. Remediation: upgrade to a version containing the fix (2.2.1) or apply t...