Malicious code in ph-common (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 07a12a2296142889c91ff5760f4a0abc8866ea9a5e439847b8b5817565348b6e The package ph-common was found to contain malicious code...

MAL-2026-1809 Malicious code in ph-common (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 07a12a2296142889c91ff5760f4a0abc8866ea9a5e439847b8b5817565348b6e The package ph-common was found to contain malicious code...

CVE-2025-70063

The 'Medical History' module in PHPGurukul Hospital Management System v4.0 contains an Insecure Direct Object Reference IDOR vulnerability. The application fails to verify that the requested 'viewid' parameter belongs to the currently authenticated patient. This allows a user to access the...

PropertyHive < 2.1.1 - Cross-Site Scripting

The Property Hive plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'phmessage' parameter in all versions up to, and including, 2.1.0 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web...

CVE-2025-63644

A stored cross-site scripting XSS vulnerability exists in pH7Software pH7-Social-Dating-CMS 17.9.1 in the user profile Description field...

CVE-2024-44630

Multiple parameters in register.php in PHPGurukul Student Record System 3.20 are vulnerable to SQL injection. These include: c-full, fname, mname,lname, gname, ocp, nation, mobno, email, board1, roll1, pyear1, board2, roll2, pyear2, sub1,marks1, sub2, course-short, income, category, ph, country,...

FBI Wants to Know Who Runs Archive.ph

The FBI has issued a federal subpoena to domain registrar Tucows, demanding extensive billing and session records to unmask the anonymous operator of Archive.ph Archive.is and Archive.today. The site, known for bypassing paywalls, is now the subject of an undisclosed criminal investigation...

MINI-GFP4-P698-P7PH

Bulletin has no description...

EUVD-2023-1848

Malicious code in bioql PyPI...

MAL-2025-13133 Malicious code in @zalastax/nolb-ph- (npm)

The package @zalastax/nolb-ph- was found to contain malicious code...

Malicious code in @zalastax/nolb-ph- (npm)

The package @zalastax/nolb-ph- was found to contain malicious code...

MAL-2025-13715 Malicious code in @zalastax/nolb-react-ph (npm)

The package @zalastax/nolb-react-ph was found to contain malicious code...

GHSA-MX27-GG24-H2JC ph-json vulnerable to stack exhaustion

An issue was discovered ph-json through 9.5.5 allows attackers to cause a denial of service or other unspecified impacts via crafted object that uses cyclic dependencies...

ph-json vulnerable to stack exhaustion

An issue was discovered ph-json through 9.5.5 allows attackers to cause a denial of service or other unspecified impacts via crafted object that uses cyclic dependencies...

com.finmatics.et:et-core (>=0.1.0 <=0.2.0), com.helger.commons:ph-config (>=10.0.0 <=11.0.4) +87 more potentially affected by CVE-2023-34612 via com.helger.commons:ph-json (>=10.0.0 <=11.0.4)

com.helger.commons:ph-json MAVEN version =10.0.0, =0.1.0, =10.0.0, =0.2.0, =0.2.0, =0.2.0, =0.2.0, =0.2.0, =0.2.0, =3.0.2, =8.5.0, =2.1.0, =1.1.0, =1.1.0, =1.1.0, =2.1.2 and more Source cves: CVE-2023-34612 Source advisory: OSV:GHSA-MX27-GG24-H2JC...

CVE-2023-34612

An issue was discovered ph-json thru 9.5.5 allows attackers to cause a denial of service or other unspecified impacts via crafted object that uses cyclic dependencies...

CVE-2023-34612

An issue was discovered ph-json thru 9.5.5 allows attackers to cause a denial of service or other unspecified impacts via crafted object that uses cyclic dependencies...

Code injection

An issue was discovered ph-json thru 9.5.5 allows attackers to cause a denial of service or other unspecified impacts via crafted object that uses cyclic dependencies...

PT-2023-24949 · Ph-Json · Ph-Json

Name of the Vulnerable Software and Affected Versions: ph-json versions 9.5.5 and earlier Description: An issue allows attackers to cause a denial of service or other unspecified impacts via a crafted object that uses cyclic dependencies. Recommendations: For versions 9.5.5 and earlier, consider...

ph-commons 缓冲区错误漏洞

ph-commons is a set of shared Java 11+ libraries used in many other projects by the individual developer Philip Helger. A security vulnerability exists in ph-commons ph-json 9.5.5 and earlier versions, which stems from a vulnerability that allows an attacker to cause a denial of service by using...