39 matches found
Malicious code in logrocket-network (npm)
The package logrocket-network was found to contain malicious code...
Malicious code in logrocket-fetch (npm)
The package logrocket-fetch was found to contain malicious code...
MAL-2025-25544 Malicious code in logrocket-core (npm)
The package logrocket-core was found to contain malicious code...
MAL-2025-25547 Malicious code in logrocket-fetch (npm)
The package logrocket-fetch was found to contain malicious code...
Malicious code in logrocket-core-worker (npm)
The package logrocket-core-worker was found to contain malicious code...
MAL-2025-25555 Malicious code in logrocket-video-mirror (npm)
The package logrocket-video-mirror was found to contain malicious code...
MAL-2025-25548 Malicious code in logrocket-navigation (npm)
The package logrocket-navigation was found to contain malicious code...
MAL-2025-25550 Malicious code in logrocket-prebuilt (npm)
The package logrocket-prebuilt was found to contain malicious code...
Malicious code in lazy-logrocket (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d35d13ebfd82c66db49337a0483da4a0c5460498a2a1a5941e45f1b44f05a1f4 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-4920 Malicious code in lazy-logrocket (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d35d13ebfd82c66db49337a0483da4a0c5460498a2a1a5941e45f1b44f05a1f4 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
CVE-2022-38488
logrocket-oauth2-example through 2020-05-27 allows SQL injection via the /auth/register username parameter...
CVE-2022-38488
logrocket-oauth2-example through 2020-05-27 allows SQL injection via the /auth/register username parameter...
Sql injection
logrocket-oauth2-example through 2020-05-27 allows SQL injection via the /auth/register username parameter...
logrocket-oauth2-example SQL注入漏洞
logrocket-oauth2-example is a source code implementation of OAuth 2.0 in Node.js by the individual developer Diogo Souza. logrocket-oauth2-example suffers from a SQL injection vulnerability that originates from inserting unfiltered user input into a SQL query, making it susceptible to SQL injecti...
CVE-2022-38488
logrocket-oauth2-example through 2020-05-27 allows SQL injection via the /auth/register username parameter...
CVE-2022-38488
CVE-2022-38488 affects logrocket-oauth2-example (pre-2020-05-27). The underlying issue is SQL injection in the /auth/register endpoint where the username parameter is inserted into a SQL query without proper sanitization. This leads to potential disclosure, modification, or destruction of data (p...
PT-2022-24424 · Unknown · Logrocket-Oauth2-Example
Name of the Vulnerable Software and Affected Versions: logrocket-oauth2-example versions prior to 2020-05-27 Description: The issue allows SQL injection via the /auth/register API endpoint, specifically through the username parameter. Recommendations: For versions prior to 2020-05-27, as a...
CVE-2022-38488
logrocket-oauth2-example through 2020-05-27 allows SQL injection via the /auth/register username parameter...
blog.logrocket.com Cross Site Scripting vulnerability OBB-3098296
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...