MAL-2026-5049 Malicious code in @lir-portal/web-components (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware f6cc9f2fe6ad0219df5db208b736cb45305b7e7062ec9d66a3316427e050989f Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2026-2693 Malicious code in vs-supplier-portal-web (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fd4ce50d0cee946b14aa2dee0c469a73331ff0c63bc65b134b3b50edb5d43c54 The package vs-supplier-portal-web was found to contain malicious code. Source: ghsa-malware...

Malicious code in vs-supplier-portal-web (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fd4ce50d0cee946b14aa2dee0c469a73331ff0c63bc65b134b3b50edb5d43c54 The package vs-supplier-portal-web was found to contain malicious code. Source: ghsa-malware...

EUVD-2017-4188

Malware in sbrugna...

Malicious code in creator-portal-web (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c5327398bd579ef0663ef6e1919049ade891f5f0f39b28f9314ce8d3a6040017 Any computer that has this package installed or running should be considered...

Arbitrary File Upload

Overview com.liferay.portal:portal-web is a portal package for liferay. Affected versions of this package are vulnerable to Arbitrary File Upload which allows Command=FileUpload&Type=File&CurrentFolder=/ requests when frmfolders.html exists. Workaround Use the portal.property dl.file.extensions t...

CVE-2022-35227

A vulnerability in SAP NW EP WPC - versions 7.30, 7.31, 7.40, 7.50, which does not sufficiently validate user-controlled input, allows a remote attacker to conduct a Cross-Site XSS scripting attack. A successful exploit could allow the attacker to execute arbitrary script code which could lead to...

MAL-2022-5419 Malicious code in portal-web (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 05e39c65406cfe7e8a140b39bd365105d7c4cf25ff7982fec8ef38f9fc4d2787 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in portal-web (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 05e39c65406cfe7e8a140b39bd365105d7c4cf25ff7982fec8ef38f9fc4d2787 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Cross-site Scripting (XSS)

portal-web is vulnerable to cross-site scripting XSS. The vulnerability exists as the value of category.getName, and message.getSubject, when displaying the html/portlet/messageboards/search.jsp search results, were not sanitized...

Portal Web Services CRLF Injection / XSS

Exploit Title: Portal Web Services Cms CRLF injection + Cross Site Scripting Vulnerability + Exploit Author: Ashiyane Digital Security Team + Home : www.Ashiyane.org + Vendor Homepage: www.portalwebservices.com + Tested on: Windows 7 + Dork: intext:"Powered By : Portal Web Services"...