Lucene search
K

39 matches found

OSSF Malicious Packages
OSSF Malicious Packages
added 2025/08/14 6:52 p.m.5 views

Malicious code in logrocket-network (npm)

The package logrocket-network was found to contain malicious code...

7AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/08/14 6:52 p.m.5 views

Malicious code in logrocket-fetch (npm)

The package logrocket-fetch was found to contain malicious code...

7AI score
Exploits0
OSV
OSV
added 2025/08/14 6:52 p.m.3 views

MAL-2025-25544 Malicious code in logrocket-core (npm)

The package logrocket-core was found to contain malicious code...

7.2AI score
Exploits0
OSV
OSV
added 2025/08/14 6:52 p.m.2 views

MAL-2025-25547 Malicious code in logrocket-fetch (npm)

The package logrocket-fetch was found to contain malicious code...

7.2AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/08/14 6:52 p.m.4 views

Malicious code in logrocket-core-worker (npm)

The package logrocket-core-worker was found to contain malicious code...

7AI score
Exploits0
OSV
OSV
added 2025/08/14 6:52 p.m.2 views

MAL-2025-25555 Malicious code in logrocket-video-mirror (npm)

The package logrocket-video-mirror was found to contain malicious code...

7.2AI score
Exploits0
OSV
OSV
added 2025/08/14 6:52 p.m.4 views

MAL-2025-25548 Malicious code in logrocket-navigation (npm)

The package logrocket-navigation was found to contain malicious code...

7.2AI score
Exploits0
OSV
OSV
added 2025/08/14 6:52 p.m.4 views

MAL-2025-25550 Malicious code in logrocket-prebuilt (npm)

The package logrocket-prebuilt was found to contain malicious code...

7.2AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/06/06 1:31 a.m.3 views

Malicious code in lazy-logrocket (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d35d13ebfd82c66db49337a0483da4a0c5460498a2a1a5941e45f1b44f05a1f4 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References1
OSV
OSV
added 2025/06/06 1:31 a.m.5 views

MAL-2025-4920 Malicious code in lazy-logrocket (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d35d13ebfd82c66db49337a0483da4a0c5460498a2a1a5941e45f1b44f05a1f4 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7.2AI score
Exploits0References1
NVD
NVD
added 2022/12/14 9:15 p.m.32 views

CVE-2022-38488

logrocket-oauth2-example through 2020-05-27 allows SQL injection via the /auth/register username parameter...

9.8CVSS0.14132EPSS
Exploits1References5
OSV
OSV
added 2022/12/14 9:15 p.m.8 views

CVE-2022-38488

logrocket-oauth2-example through 2020-05-27 allows SQL injection via the /auth/register username parameter...

9.8CVSS5.8AI score0.14132EPSS
Exploits1References5
Prion
Prion
added 2022/12/14 9:15 p.m.25 views

Sql injection

logrocket-oauth2-example through 2020-05-27 allows SQL injection via the /auth/register username parameter...

7.5CVSS9.8AI score0.14132EPSS
Exploits1References5Affected Software1
CNNVD
CNNVD
added 2022/12/14 12:0 a.m.7 views

logrocket-oauth2-example SQL注入漏洞

logrocket-oauth2-example is a source code implementation of OAuth 2.0 in Node.js by the individual developer Diogo Souza. logrocket-oauth2-example suffers from a SQL injection vulnerability that originates from inserting unfiltered user input into a SQL query, making it susceptible to SQL injecti...

9.8CVSS8.7AI score0.14132EPSS
Exploits1References6
Cvelist
Cvelist
added 2022/12/14 12:0 a.m.36 views

CVE-2022-38488

logrocket-oauth2-example through 2020-05-27 allows SQL injection via the /auth/register username parameter...

10AI score0.14132EPSS
Exploits1References5
CVE
CVE
added 2022/12/14 12:0 a.m.63 views

CVE-2022-38488

CVE-2022-38488 affects logrocket-oauth2-example (pre-2020-05-27). The underlying issue is SQL injection in the /auth/register endpoint where the username parameter is inserted into a SQL query without proper sanitization. This leads to potential disclosure, modification, or destruction of data (p...

9.8CVSS9.8AI score0.14132EPSS
Exploits1References5Affected Software1
Positive Technologies
Positive Technologies
added 2022/12/14 12:0 a.m.7 views

PT-2022-24424 · Unknown · Logrocket-Oauth2-Example

Name of the Vulnerable Software and Affected Versions: logrocket-oauth2-example versions prior to 2020-05-27 Description: The issue allows SQL injection via the /auth/register API endpoint, specifically through the username parameter. Recommendations: For versions prior to 2020-05-27, as a...

9.8CVSS9.8AI score0.14132EPSS
Exploits1References6
Vulnrichment
Vulnrichment
added 2022/12/14 12:0 a.m.9 views

CVE-2022-38488

logrocket-oauth2-example through 2020-05-27 allows SQL injection via the /auth/register username parameter...

8.3AI score0.14132EPSS
Exploits1References5
Openbugbounty
Openbugbounty
added 2022/12/13 7:53 a.m.8 views

blog.logrocket.com Cross Site Scripting vulnerability OBB-3098296

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.2AI score
Exploits0
Rows per page
Query Builder