14 matches found

OSSF Malicious Packages
added 2026/06/13 8:15 p.m., 9 views

Malicious code in 2fa-exe (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector df3ad6044ca4d17d594aa3aa0d1a75d1dbf3ebf483d0dd1b04d502277674a8cc Package advertises itself as an SVG fetcher/sanitizer but ships an undocumented exported factory getPlugin in index.js that performs an HTTPS GET to...

AI score: 5.5
Exploits: 0, References: 2
OSV
added 2026/05/26 2:34 p.m., 4 views

MAL-2026-4817 Malicious code in chainix (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 93d9609d2eac0c0ff33aed557171138930255798aa649fa648b04814c8cb1908 Package presents itself as a pino-compatible logger README badges link to pinojs/pino, exports alias module.exports.pino = middleware but its exporte...

AI score: 6.4
Exploits: 0, References: 2
OSSF Malicious Packages
added 2026/05/26 2:34 p.m., 15 views

Malicious code in chainix (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 93d9609d2eac0c0ff33aed557171138930255798aa649fa648b04814c8cb1908 Package presents itself as a pino-compatible logger README badges link to pinojs/pino, exports alias module.exports.pino = middleware but its exporte...

AI score: 6.4
Exploits: 0, References: 2
OSSF Malicious Packages
added 2026/05/26 7:20 a.m., 11 views

Malicious code in react-ui-polyfills (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 63c43460df1ee670b8a5982d77e7028aef7df25fa38922f743489fd52b41b5ea Package advertises itself as React polyfills / UI compatibility helpers but ships no React or polyfill code. The exported getPlugin function returns ...

AI score: 5.7
Exploits: 0, References: 3
OpenVAS
added 2026/02/03 12:0 a.m., 5 views

Huawei EulerOS: Security Advisory for haproxy (EulerOS-SA-2026-1211)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS: 7.5, AI score: 5.4, EPSS: 0.00469
Exploits: 0, References: 2
EUVD
added 2025/10/07 12:30 a.m., 3 views

EUVD-2020-12926

Malware in sbrugna...

CVSS: 6.1, AI score: 6.3, EPSS: 0.01616
Exploits: 3, References: 3
RedhatCVE
added 2025/05/22 3:17 p.m., 16 views

CVE-2020-20139

Cross Site Scripting XSS vulnerability in the Remote JSON component Under the Connect menu in Flexmonster Pivot Table & Charts 2.7.17...

CVSS: 6.1, AI score: 6, EPSS: 0.01616
Exploits: 3
Exploit DB
added 2020/12/21 12:0 a.m., 215 views

Flexmonster Pivot Table & Charts 2.7.17 - 'Remote JSON' Reflected XSS

Exploit Title: Flexmonster Pivot Table & Charts 2.7.17 - 'Remote JSON' Reflected XSS Date: 08/01/2020 Exploit Author: Marco Nappi Vendor Homepage: https://www.flexmonster.com/ Version: Flexmonster Pivot Table & Charts 2.7.17 Tested on: Flexmonster Pivot Table & Charts 2.7.17 CVE : CVE-2020-20139...

CVSS: 6.1, AI score: 6.4, EPSS: 0.01616
Exploits: 3
OSV
added 2020/12/17 11:15 p.m., 2 views

CVE-2020-20139

Cross Site Scripting XSS vulnerability in the Remote JSON component Under the Connect menu in Flexmonster Pivot Table & Charts 2.7.17...

CVSS: 6.1, AI score: 5.8, EPSS: 0.01616
Exploits: 3, References: 1
Prion
added 2020/12/17 11:15 p.m., 22 views

Cross site scripting

Cross Site Scripting XSS vulnerability in the Remote JSON component Under the Connect menu in Flexmonster Pivot Table & Charts 2.7.17...

CVSS: 4.3, AI score: 6, EPSS: 0.01616
Exploits: 3, References: 1, Affected Software: 1
CVE
added 2020/12/17 10:38 p.m., 71 views

CVE-2020-20139

CVE-2020-20139 is a reflected XSS vulnerability in Flexmonster Pivot Table & Charts 2.7.17, affecting the Remote JSON component under the Connect menu. The root cause is insufficient input sanitization of the 'path' parameter when fetching file specifications via file_specs.php, enabling potentia...

CVSS: 6.1, AI score: 6, EPSS: 0.01616
Exploits: 3, References: 1, Affected Software: 1
Cvelist
added 2020/12/17 10:38 p.m., 39 views

CVE-2020-20139

Cross Site Scripting XSS vulnerability in the Remote JSON component Under the Connect menu in Flexmonster Pivot Table & Charts 2.7.17...

AI score: 6.1, EPSS: 0.01616
Exploits: 3, References: 1
CNNVD
added 2020/12/17 12:0 a.m., 4 views

Flexmonster Pivot Table & Charts Cross-Site Scripting Vulnerability

Flexmonster Pivot Table & Charts is a Javascript-based codebase for viewing, analyzing, and managing multidimensional data online from Flexmonster. A cross-site scripting vulnerability exists in Flexmonster Pivot Table & Charts 2.7.17, which originates in the Remote JSON component Under the Conne...

CVSS: 6.1, AI score: 6.2, EPSS: 0.01616
Exploits: 3, References: 4
Packet Storm
added 2020/12/17 12:0 a.m., 200 views

Flexmonster Pivot Table And Charts 2.7.17 Cross Site Scripting

Exploit Title: CVE-2020-20140 : Cross Site Scripting XSS vulnerability in Remote Report component under the Open menu in Flexmonster Pivot Table & Charts 2.7.17 Date: 08/01/2020 Exploit Author: Marco Nappi Vendor Homepage: n/a Software Link: n/a Version:Flexmonster Pivot Table & Charts 2.7.17...

AI score: 6.2, EPSS: 0.0328
Exploits: 10