57 matches found
Missing Authorization
Overview wwbn/avideo is an Audio and Video Platform or simply "A Video Platform". Affected versions of this package are vulnerable to Missing Authorization in the add.json.php process. An attacker can gain unauthorized control over another user's broadcast schedules and execute rebroadcasts as th...
CVE-2026-34245
WWBN AVideo is an open source video platform. In versions up to and including 26.0, the plugin/PlayLists/View/Playlistsschedules/add.json.php endpoint allows any authenticated user with streaming permission to create or modify broadcast schedules targeting any playlist on the platform, regardless...
Malicious code in kisut-diug-damifoa (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4301501dff2d7b2c475494d391970a0a11802f200ac2462b371cd44e056ff18b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-183944 Malicious code in mitali-don-olikiakma (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7d14d186393c02c2979ed95c01ce753557e0d3902d5d37e46ff928a5e246a712 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in modaiv-kvu-ibuab (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 46ba42ad0a76390f74a368e3740557a49fc79ea968a50bfc6869f61192a23d58 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in lookingan-nanakila19 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3d5bcd7880f2414a83154acf41974edf5f6e4ef9b4a3f2842bd8cfb5af9e17a4 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-179707 Malicious code in kisut-faig-dikanamufamui (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector aa423b162822612b0a04b783d2b082ddacd0e29ba17318f07a22d914c8e0150a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in hitachi-poke39 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f4818376e7fb7d9a141b94659759f56d3797cc84c25ae487943c18d85efec7d0 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-173049 Malicious code in anita-manuat-ma (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 31eded59ea6b6bd82960c1d29d663ccdd320e60d4379361bca391cd7cb0b3d19 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-171968 Malicious code in unhar (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a7f0b8efcdc067df9f05330aee02e57165fab9e79975110d0513a4b900e859a7 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-157814 Malicious code in kuinsu-uki-vilaimi (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f129981a5b8b28cb8b41f95ec9cecb7f6ad20ef05564e2486a5acbeaad1daf7f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-156140 Malicious code in ilal-poke38 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 27366417758a82c087b277992143cf1b282c75045d25d1728b9e4fe148c3e51a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in lookingan-namakiki76 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d545bd43001bfabe86c0d7b51bf0e6f527ab501a500a1b9ea6165d70c65dd7b9 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in akabia-aliguamafi-agouabuva (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6b94968892334c297ea2952d47a49baedd2aa6bd2934cd0fbfc616524f7af716 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-152145 Malicious code in akabia-aligma-agiubva (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e83bd445c18280ca5cf35af3f29ffee1d256d78b13bde0166987b32033daae52 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in fadila-poke70 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fb3d7fbb144b3edc3f95c62112e04797e87323921e620c12419e102404f3f29e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-170504 Malicious code in verify-tayic-iamsunasi (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4bc01de84b873a8d7acf0a669e67f8a2cc88c5388526bef4d02bcb5616cda884 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-155081 Malicious code in fini-savion-tra (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f5e72b20f945e70d162959d7fc9b812249c334375f9ddba5e1dcceecaa8f0ac6 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in loglevel-markdown-wolf-elektra (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 31beec34a4f56a2c17a4993afda0334fde1b331a350a2b875e59aa391ed9c172 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in protractor-miranda-mensa-io (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 17a8cf61132b136b96bfab4a1fa37e312363717bedabfccced7db087db1b0eb7 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...