Malicious code in koa-uglify-js-css-minimizer-webpack-plugin-tectonophysics (npm)

The package koa-uglify-js-css-minimizer-webpack-plugin-tectonophysics was found to contain malicious code...

CVE-2023-52216

Cross-Site Request Forgery CSRF vulnerability in Yevhen Kotelnytskyi JS & CSS Script Optimizer.This issue affects JS & CSS Script Optimizer: from n/a through 0.3.3...

CVE-2023-52216

Cross-Site Request Forgery CSRF vulnerability in Yevhen Kotelnytskyi JS & CSS Script Optimizer.This issue affects JS & CSS Script Optimizer: from n/a through 0.3.3...

Cross site request forgery (csrf)

Cross-Site Request Forgery CSRF vulnerability in Yevhen Kotelnytskyi JS & CSS Script Optimizer.This issue affects JS & CSS Script Optimizer: from n/a through 0.3.3...

CVE-2023-52216 WordPress JS & CSS Script Optimizer Plugin <= 0.3.3 is vulnerable to Cross Site Request Forgery (CSRF)

Cross-Site Request Forgery CSRF vulnerability in Yevhen Kotelnytskyi JS & CSS Script Optimizer.This issue affects JS & CSS Script Optimizer: from n/a through 0.3.3...

PT-2024-14480 · Unknown · Js & Css Script Optimizer

Name of the Vulnerable Software and Affected Versions: JS & CSS Script Optimizer versions 0.3.3 and earlier Description: A Cross-Site Request Forgery CSRF issue affects the JS & CSS Script Optimizer. This type of issue allows an attacker to trick a user into performing unintended actions on a web...

WordPress JS & CSS Script Optimizer Plugin <= 0.3.3 is vulnerable to Cross Site Request Forgery (CSRF)

Software JS & CSS Script Optimizer Type Plugin Vulnerable versions = 0.3.3 Fixed in N/A OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-52216 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID b2115f84b7a4 Credits Nguyen Xuan...

Arbitrary File Read in Admin JS CSS files

Impact It was observed that the /admin/misc/script-proxy API endpoint accessible by an authenticated administrator user and is vulnerable arbitrary JavaScript, CSS file read via the "scriptPath" and "scripts" parameters. The "scriptPath" parameter is not sanitized properly and is vulnerable to pa...

CVE-2022-4560 Joget wflow-core UniversalTheme.java getInternalJsCssLib cross site scripting

A vulnerability was found in Joget up to 7.0.31. It has been rated as problematic. This issue affects the function getInternalJsCssLib of the file wflow-core/src/main/java/org/joget/plugin/enterprise/UniversalTheme.java of the component wflow-core. The manipulation of the argument key leads to...

Malicious code in external-js-css (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 5c06d2f4db7e9efc9676f195c4794c9b02fb52e277ad85db8059db8803081e15 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2022-2940 Malicious code in external-js-css (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 5c06d2f4db7e9efc9676f195c4794c9b02fb52e277ad85db8059db8803081e15 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

ppalCart.txt

+-------------------------------------------------------------------- + + ppalCart V2.5 EE Remote File Inclusion + +------------------------------------------------------------------- + + Affected Software .: Software + Version .............: ppalCart 2.5 EE + Venedor ...........:...