MAL-2022-552 Malicious code in @radancy/dropr-client (npm)
Source: ghsa-malware a7d65597a378ae68da60c52477f431ecb3d0daa36792a77237f19d562ea7a04d Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious Package
Overview @radancy/dropr-client is a malicious package. The package's name is based on existing repositories, namespaces, or components used by popular companies in an effort to trick employees into downloading it, also known as 'dependency confusion'. Therefore, you're only vulnerable if this...
Radancy: [www.werkenbijderet.nl] There is no rate limit for vacature-alert endpoints
https://werkenbijderet.nl/vacature-alert lacked a properly configured application specific tuned rate limiting defense mechanism. Because the speed limit was set very high, it was possible to send thousands of mails within 10 minutes. The fix was to implement a middleware which throttles requests...
Radancy: I can subscribe and unsubscribe any user with the same token as many times as I want
During the subscription process for a newsletter it was possible to enter any email address, which would automatically be added to the email list without proper confirmation via a confirmation token sent by email. Same for the unsubscription process: anyone could unsubscribe all email addresses becaus...
Radancy: Weak password
It takes ash123456789123456789 as a password, which is not secure. It can be cracked using dictionary, brute-force, etc. attacks. Impact: If password complexity is not enforced, people may tend to put easily guessable passwords which may be exploitable for a malicious user. Solution: To make it more...
Radancy: Facebook and twitter page claimed of maximum.com [important]
Maximum uses these 2 links for their users to follow: twitter.com/MaximumEMG facebook.com/MaximumEMG Mostly maximum.nl redirects to maximum.com, so I thought it is important to tell you about this, since it is risky for users. Steps To Reproduce: Visit maximum.com they may be used in many place...
Radancy: Application error message
Attack details HTTP Header input X-Forwarded-For was set to 12345'"'";|%00%0d%0a%bf%27'??? Error message found: Warning: inetpton function.inet-pton: Unrecognized address 12345'"\'\";|%00%0d%0a%00%bf%27' in...
Radancy: Microsoft IIS tilde directory enumeration
Request OPTIONS //1/a.aspx?aspxerrorpath=/ HTTP/1.1 Host: exactrd.maximum.nl Connection: Keep-alive Accept-Encoding: gzip,deflate User-Agent: Mozilla/5.0 Windows NT 10.0; WOW64 AppleWebKit/537.36 KHTML, like Gecko Chrome/50.0.2661.94 Safari/537.36 Accept: / Response HTTP/1.1 404 Not Found...
Radancy: Application error message
Request GET / HTTP/1.1 Host: 12345'"'";|%00%0d%0a%bf%27' Referer: https://serverhk.maximum.com:443/ Connection: Keep-alive Accept-Encoding: gzip,deflate User-Agent: Opera/9.80 Windows NT 6.0; U; en Presto/2.8.99 Version/11.10 Accept: / Response HTTP/1.1 500 Internal Server Error Server:...
Radancy: XSS risk reduction with X-XSS-Protection: 1; mode=block header
As you can read for example on this Microsoft blog http://blogs.msdn.com/b/ieinternals/archive/2011/01/31/controlling-the-internet-explorer-xss-filter-with-the-x-xss-protection-http-header.aspx: " ... X-XSS-Protection: 1; mode=block When this token is present, if a potential XSS Reflection attack...