11 matches found
EUVD-2022-1982
Malicious code in bioql PyPI...
CVE-2019-17625
There is a stored XSS in Rambox 0.6.9 that can lead to code execution. The XSS is in the name field while adding/editing a service. The problem occurs due to incorrect sanitization of the name field when being processed and stored. This allows a user to craft a payload for Node.js and Electron,...
MAL-2023-8161 Malicious code in rambox (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 63e80eb984d70eca3cfadd2c9872df353dba45f0c14111f84c9c0ab34f8b8930 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in rambox (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 63e80eb984d70eca3cfadd2c9872df353dba45f0c14111f84c9c0ab34f8b8930 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Rambox RCE Vulnerability
There is a stored XSS in Rambox 0.6.9 that can lead to code execution. The XSS is in the name field while adding/editing a service. The problem occurs due to incorrect sanitization of the name field when being processed and stored. This allows a user to craft a payload for Node.js and Electron,...
GHSA-2GC6-2H2G-PH48 Rambox RCE Vulnerability
There is a stored XSS in Rambox 0.6.9 that can lead to code execution. The XSS is in the name field while adding/editing a service. The problem occurs due to incorrect sanitization of the name field when being processed and stored. This allows a user to craft a payload for Node.js and Electron,...
Exploit for OS Command Injection in Rambox
CVE-2019-17625 There is a stored XSS vulnerability in rambox...
CVE-2019-17625
There is a stored XSS in Rambox 0.6.9 that can lead to code execution. The XSS is in the name field while adding/editing a service. The problem occurs due to incorrect sanitization of the name field when being processed and stored. This allows a user to craft a payload for Node.js and Electron,...
Cross site scripting
There is a stored XSS in Rambox 0.6.9 that can lead to code execution. The XSS is in the name field while adding/editing a service. The problem occurs due to incorrect sanitization of the name field when being processed and stored. This allows a user to craft a payload for Node.js and Electron,...
CVE-2019-17625
CVE-2019-17625 affects Rambox 0.6.9 with a stored XSS in the name field when adding/editing a service. The root cause is incorrect sanitization of the name field, enabling a payload that can trigger code execution in Node.js/Electron, e.g., via an onerror attribute in an IMG element. Connected so...
CVE-2019-17625
There is a stored XSS in Rambox 0.6.9 that can lead to code execution. The XSS is in the name field while adding/editing a service. The problem occurs due to incorrect sanitization of the name field when being processed and stored. This allows a user to craft a payload for Node.js and Electron,...