Malicious code in collabs-merchants (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c742b9fe98460e2c9a2ab91847c6ff1f1b753187de7d52c7d160dd99021b6e58 The package collabs-merchants was found to contain malicious code...

MAL-2026-1694 Malicious code in collabs-merchants (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c742b9fe98460e2c9a2ab91847c6ff1f1b753187de7d52c7d160dd99021b6e58 The package collabs-merchants was found to contain malicious code...

EUVD-2025-5458

Malicious code in bioql PyPI...

CVE-2025-25326

An issue in Merchants Union Consumer Finance Company Limited Merchants Union Finance iOS 6.19.0 allows attackers to access sensitive user information via supplying a crafted link...

CVE-2025-25326

An issue in Merchants Union Consumer Finance Company Limited Merchants Union Finance iOS 6.19.0 allows attackers to access sensitive user information via supplying a crafted link...

CVE-2025-25326

An issue in Merchants Union Consumer Finance Company Limited Merchants Union Finance iOS 6.19.0 allows attackers to access sensitive user information via supplying a crafted link...

CVE-2025-25326

An issue in the Merchants Union Finance iOS app 6.19.0 allows attackers to access sensitive user information by supplying a crafted link. CVE-2025-25326 has a CVSS v3.1 base score of 5.5 (Medium) with Local attack vector, Low attack complexity, No privileges required, and User interaction require...

CVE-2025-25326

An issue in Merchants Union Consumer Finance Company Limited Merchants Union Finance iOS 6.19.0 allows attackers to access sensitive user information via supplying a crafted link...

MUCFC Merchants Union Finance 安全漏洞

MUCFC Merchants Union Finance MUCFC is a credit loan installment borrowing platform from China Merchants Union MUCFC Corporation. A security vulnerability exists in MUCFC Merchants Union Finance iOS version 6.19.0, which originates from a specially crafted link that can access sensitive user...

Unspecified Vulnerability in Adobe Commerce (CNVD-2024-19007)

Adobe Commerce is the United States of America Odobie Adobe company's a business and brand-oriented global leader in digital commerce solutions. A security vulnerability exists in Adobe Commerce that can be exploited by an attacker with elevated privileges to potentially abuse the vulnerability t...

The great divide of PCI DSS v4.0: Merchants, are you ready?

Are you ready for PCI DSS 4.0? Its vital to understand the changes to prepare properly and avoid costly delays in achieving compliance...

merchants-manor.cornwallhotel.net Cross Site Scripting vulnerability OBB-3437996

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

merchants-crown.best-hotelsprague.com Cross Site Scripting vulnerability OBB-3437995

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

merchants-avenue.best-hotelsprague.com Cross Site Scripting vulnerability OBB-3437994

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

merchants-almshouse.bristolhotels24.com Cross Site Scripting vulnerability OBB-3437993

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

Paragon Solutions Spyware: Graphite

Paragon Solutions is yet another Israeli spyware company. Their product is called "Graphite," and is a lot like NSO Groups Pegasus. And Paragon is working with what seems to be US approval: American approval, even if indirect, has been at the heart of Paragons strategy. The company sought a list ...

Adobe: Zero-Day Magento 2 RCE Bug Under Active Attack

A zero-day remote code-execution RCE bug in the Magento 2 and Adobe Commerce platforms has been actively exploited in the wild, Adobe said – prompting an emergency patch to roll out over the weekend. The security vulnerability bug CVE-2022-24086 is a critical affair, allowing pre-authentication R...

Online Merchants: Prevent Fraudsters from Becoming Holiday Grinches

As the holiday shopping season gets into full swing, merchants aren’t the only ones expecting to have a prosperous year. Fraudsters, too, are out to grab their illicit share of the money changing hands or accounts in the weeks ahead. Especially susceptible to theft by fraud are millions of...

Create WooCommerce Product Feeds For 40+ Merchants < 3.3.1.0 - Authenticated SQL Injection

The fetchproductajax functionality in the plugin uses a productid POST parameter which is not properly sanitised, escaped or validated before inserting to a SQL statement, leading to SQL injection. POST /wp-admin/admin-ajax.php HTTP/1.1 Content-Length: 162 Accept: / X-Requested-With: XMLHttpReque...

zzcms elevation of privilege vulnerability

ZZCMS is the content management system of Webmaster Merchants. An elevation of privilege vulnerability exists in /user/adv.php in zzcms version 201910. An attacker can exploit this vulnerability to modify data, which can be used to launch further attacks...