Embedded Malicious Code

Overview Affected versions of this package are vulnerable to Embedded Malicious Code. This package contains malicious code associated with the Sha1-hulud supply chain attack, and its content was removed from the official package manager. The malware functions as a self-replicating worm capable of...

EUVD-2025-198772

Malicious code in shinhan-limit-scrap npm...

Malicious code in shinhan-limit-scrap (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector dae6aee79d5386d3525290fdc37160052ab2cfc88cfe444751cf1e0c09122b48 The package shinhan-limit-scrap was found to contain malicious code. Source: ghsa-malware...

MAL-2025-190782 Malicious code in shinhan-limit-scrap (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector dae6aee79d5386d3525290fdc37160052ab2cfc88cfe444751cf1e0c09122b48 The package shinhan-limit-scrap was found to contain malicious code. Source: ghsa-malware...

EUVD-2025-35092

An issue in Senayan Library Management System SLiMS 9 Bulian v.9.6.1 allows a remote attacker to execute arbitrary code via the scrapimage.php component and the imageURL parameter...

CVE-2025-61488

An issue in Senayan Library Management System SLiMS 9 Bulian v.9.6.1 allows a remote attacker to execute arbitrary code via the scrapimage.php component and the imageURL parameter...

CVE-2025-61488

An issue in Senayan Library Management System SLiMS 9 Bulian v.9.6.1 allows a remote attacker to execute arbitrary code via the scrapimage.php component and the imageURL parameter...

CVE-2025-61488

An issue in Senayan Library Management System SLiMS 9 Bulian v.9.6.1 allows a remote attacker to execute arbitrary code via the scrapimage.php component and the imageURL parameter...

CVE-2025-61488

An issue in Senayan Library Management System SLiMS 9 Bulian v.9.6.1 allows a remote attacker to execute arbitrary code via the scrapimage.php component and the imageURL parameter...

SLiMS 9 Bulian 安全漏洞

SLiMS 9 Bulian is a free and open source software from the SLiMS community in Indonesia. It is used for library resource management e.g. books, journals, digital files and other library materials and administration. A security vulnerability exists in SLiMS 9 Bulian version 9.6.1, which stems from...

scrap-casket.jp Cross Site Scripting vulnerability OBB-3876152

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

scrap-anika.ru Cross Site Scripting vulnerability OBB-3869855

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

scrapcarremoval-eagle.com Improper Access Control vulnerability OBB-3810370

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

scrap-wire-stripper.com Cross Site Scripting vulnerability OBB-3230851

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

[SECURITY] Fedora 35 Update: golang-github-prometheus-prom2json-1.3.0-8.20210811git90766c0.fc35

A tool to scrape a Prometheus client and dump the result as JSON...

scrap-casket.jp Cross Site Scripting vulnerability OBB-2671610

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

XML Entity Injection Vulnerability in Scrap Recycling Alliance App

Scrap Recycling Union APP is a mobile software that focuses on the functions related to scrap recycling. The Scrap Recycling Alliance APP suffers from an XML entity injection vulnerability. An attacker can exploit the vulnerability by constructing malicious entities that result in the execution o...

Jshole - A JavaScript Components Vulnrability Scanner, Based On RetireJS

A JavaScript components vulnrability scanner, based on RetireJS. Why use JShole instead of RetireJS? By default, RetireJS only searches one page, but JShole tries to crawl all pages. How it works? Get Started Requirements requests Install git clone https://github.com/callforpapers-source/jshole.g...

scrap-casket.jp Cross Site Scripting vulnerability

Open Bug Bounty ID: OBB-1173399 Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website...

scrap-n-crop.com Cross Site Scripting vulnerability OBB-1083754

Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence...