8 matches found
CVE-2026-27684
SAP NetWeaver Feedback Notifications Service contains a SQL injection vulnerability that allows an authenticated attacker to inject arbitrary SQL code through user-controlled input fields. The application concatenates these inputs directly into SQL queries without proper validation or escaping. A...
EUVD-2026-10455
SAP NetWeaver Feedback Notifications Service contains a SQL injection vulnerability that allows an authenticated attacker to inject arbitrary SQL code through user-controlled input fields. The application concatenates these inputs directly into SQL queries without proper validation or escaping. A...
CVE-2026-27684
SAP NetWeaver Feedback Notifications Service contains a SQL injection vulnerability that allows an authenticated attacker to inject arbitrary SQL code through user-controlled input fields. The application concatenates these inputs directly into SQL queries without proper validation or escaping. A...
CVE-2026-27684
CVE-2026-27684 affects SAP NetWeaver Feedback Notifications Service. An authenticated attacker can exploit a SQL injection by supplying input that is directly concatenated into SQL queries, enabling manipulation of WHERE clause logic. This can lead to unauthorized access to or modification of dat...
CVE-2026-27684 SQL Injection Vulnerability in SAP NetWeaver (Feedback Notification)
SAP NetWeaver Feedback Notifications Service contains a SQL injection vulnerability that allows an authenticated attacker to inject arbitrary SQL code through user-controlled input fields. The application concatenates these inputs directly into SQL queries without proper validation or escaping. A...
Malicious code in deskpro-notifications-service (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d9e07cbfe7dbcfbce0bd86d7353862570a270265a771f2ed1da61bb8ddf101b9 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2023-246 Malicious code in deskpro-notifications-service (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d9e07cbfe7dbcfbce0bd86d7353862570a270265a771f2ed1da61bb8ddf101b9 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious Package
Overview deskpro-notifications-service is a malicious package. The package's name is based on existing repositories, namespaces, or components used by popular companies in an effort to trick employees into downloading it, also known as 'dependency confusion'. Therefore, you're only vulnerable if...