Malicious code in raid-shadow-legends-promo-codes288 (npm)

The package raid-shadow-legends-promo-codes288 was found to contain malicious code...

MAL-2025-45752 Malicious code in raid-shadow-legends-promo-codes288 (npm)

The package raid-shadow-legends-promo-codes288 was found to contain malicious code...

CVE-2024-45300 Bypassing promo code limitations with race conditions

alf.io is an open source ticket reservation system for conferences, trade shows, workshops, and meetups. Prior to version 2.0-M5, a race condition allows the user to bypass the limit on the number of promo codes and use the discount coupon multiple times. In "alf.io", an event organizer can apply...

Malicious code in free-pokemon-go-promo-codes-2022 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware eb06d31da6a5c37479f3f071ec551473de8fd747ae9455c8ebb1908ac391abab Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Uber Hack lets anyone find Unlimited Promo Codes for Free Uber Rides

An Independent Security Researcher from Egypt has discovered a critical vulnerability in Uber app that could allow an attacker to brute force Uber promo code value and get valid codes with the high amount of up to $25,000 for more than one free rides. Mohamed M.Fouad has discovered a "promo codes...

Uber: Possibility to enumerate and bruteforce promotion codes in Uber iOS App

Due to the lack of rate limiting on the promo code redemption endpoint, it was possible to enumerate promo codes. The response also leaked metadata about the user, including the country of the user, their name and profile photo. Thanks, @r0t! Uber has a feature in the iOS app to apply a promotion...