2292 matches found
Malicious code in yarn-design-system-react-select (npm)
Source: ghsa-malware (f71484235bb938827b22ed947508c7d827b1c3a707c1268e63845de0c538e354). Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2022-7311 Malicious code in yahoo-react-multi-select-box (npm)
Source: ghsa-malware (59b42c16c52333b42adb394c8784f37abd19319bd11704e6381f6c1af61d4d1c). Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2022-7314 Malicious code in yahoo-react-select-box (npm)
Source: ghsa-malware (d1a8706063b885d37403820af35d03bc7bffb582875ec84783fa0b273b6680d0). Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in react-select-v1-deprecated (npm)
Source: ghsa-malware (0d29d5cb498fe3472e1d7bf13f449cf73407728a4f7493ee3ccd8af301c71308). Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2022-5672 Malicious code in react-select-v1-deprecated (npm)
Source: ghsa-malware (0d29d5cb498fe3472e1d7bf13f449cf73407728a4f7493ee3ccd8af301c71308). Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
CVE-2022-1969
The Mobile browser color select plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.0.1. This is due to missing or incorrect nonce validation on the adminupdatedata function. This makes it possible for unauthenticated attackers to inject malicious...
WordPress plugin Mobile browser color select cross-site request forgery vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A cross-site request forger...
PT-2022-14227 · WordPress · Mobile Browser Color Select Plugin
Name of the Vulnerable Software and Affected Versions: Mobile browser color select plugin for WordPress versions up to, and including, 1.0.1. Description: The issue is due to missing or incorrect nonce validation on the admin update data function, making it possible for unauthenticated attackers t...
Possible XSS vulnerability with certain configurations of Rails::Html::Sanitizer
There is a possible XSS vulnerability with certain configurations of Rails::Html::Sanitizer. This vulnerability has been assigned the CVE identifier CVE-2022-32209. Versions Affected: ALL. Not affected: NONE. Fixed Versions: v1.4.3. Impact: A possible XSS vulnerability with certain configurations of...
Demokratian SQL injection vulnerability
Demokratian is a web application for voting in a simple and secure way. Demokratian is vulnerable to SQL injection. The vulnerability stems from a SQL injection issue in the idprovincia parameter of the basicosphp/generaselect.php file. An attacker could exploit the vulnerability to cause SQL...
CVE-2022-30836
Wedding Management System v1.0 is vulnerable to SQL Injection via Wedding-Management/admin/select.php...
WordPress Mobile Browser Color Select plugin <= 1.0.1 - Stored Cross-Site Scripting (XSS) via Cross-Site Request Forgery (CSRF) vulnerability
Stored Cross-Site Scripting (XSS) via Cross-Site Request Forgery (CSRF) vulnerability was discovered by Tsubasa Imaizumi (Cryptography Laboratory at Tokyo Denki University) in the WordPress Mobile Browser Color Select plugin (versions <= 1.0.1). Solution: Deactivate and delete. This plugin has been closed ...
DEBIAN-CVE-2022-31015
Waitress is a Web Server Gateway Interface server for Python 2 and 3. Waitress versions 2.1.0 and 2.1.1 may terminate early due to a thread closing a socket while the main thread is about to call select. This will lead to the main thread raising an exception that is not handled and then causing t...
PYSEC-2022-205
Waitress is a Web Server Gateway Interface server for Python 2 and 3. Waitress versions 2.1.0 and 2.1.1 may terminate early due to a thread closing a socket while the main thread is about to call select. This will lead to the main thread raising an exception that is not handled and then causing t...
EulerOS 2.0 SP3 : mariadb (EulerOS-SA-2022-1746)
According to the versions of the mariadb packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities: MariaDB through 10.5.9 allows an application crash in findfieldintables and findorderinlist via an unused common table expression (CTE)...
CVE-2022-29651
An arbitrary file upload vulnerability in the Select Image function of Online Food Ordering System v1.0 allows attackers to execute arbitrary code via a crafted PHP file...
Online Food Ordering System code issue vulnerability
Online Food Ordering System is an online food ordering system. An arbitrary file upload vulnerability exists in Online Food Ordering System version 1.0, which stems from the lack of validation of uploaded files in the Select Image feature, and can be exploited to upload a malicious file that can ...
GHSA-2F58-VF6G-6P8X MediaWiki Cross-site Scripting (XSS) vulnerability
An issue was discovered in MediaWiki 1.32.x through 1.34.x before 1.34.4. LogEventList::getFiltersDesc is insecurely using message text to build options names for an HTML multi-select field. The relevant code should use escaped instead of text...