267 matches found
MAL-2024-12268 Malicious code in expkg-am (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 36b7980049911172764372f2e4d93b74e1ff019b9c6f9860be544e91f7f79a28 Packages that might be part of testing for pentesting / malicious activity / joy, with suspicious activity that does not present any real harm. --- Category:...
Malicious code in artifact-lab-3-package-2387a34d (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 fee5bd32875c77b424ebb9a32f5c20b4dbfa892c17655622ba445be401db32d4 Packages showing simple variants of revshell with targets to ngrok. Most probably experiments. Later versions moved to use Burp Collaborator to exfiltrate simp...
Malicious code in artifact-lab-3-package-153c1c1a (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 ca958fff07cca914aa6f60bc0a1f7c81bb8b45e755a780830b720ab7087e410e Packages showing simple variants of revshell with targets to ngrok. Most probably experiments. Later versions moved to use Burp Collaborator to exfiltrate simp...
Malicious code in blabb111 (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 ffda2d8463a0c5bb11dd5c29ecff67cf6b958e1edf44822e749327c8d155817e Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
Malicious code in comfyui-node-test (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 0dbe79c5cd8f170a46216b0bf557c0f4c5f65d712660985f0c3059b875601b0a Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
Malicious code in wave-opensdk (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 5dbda9bf70afa0311dbd7b22b5209531b90399bcc4a5cd5846d3f5fa89314f47 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
Malicious code in c8test (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 b94beda1abe6cca6b53ac1891e3a3baea95df1b8c260dd9f4ea15998e26391b9 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
Malicious code in google-cloud-datacatalog-lineage-producer-client (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 73ea760146181d2911e0823c121502506892b2e63d3fc20d6281fb2c86e03de8 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
MAL-2024-12249 Malicious code in companyx-metaflow (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 ec7089679a9c5637609b94cb606e78aa693a8bd224ba334ca46b3f48c54169c1 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
Malicious code in rtxt-dep2 (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 3a0cd03149005afa6cc505bea16d80c21f5bbbd226c16c659ed6abb41cf730a2 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
MAL-2024-12315 Malicious code in oaieval (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 fd257dee43f966eaacc56e07462eae9170a8a81dc1be6f0df9145f8c3a44de59 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
MAL-2024-12248 Malicious code in comfyui-node-test (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 0dbe79c5cd8f170a46216b0bf557c0f4c5f65d712660985f0c3059b875601b0a Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
MAL-2024-12191 Malicious code in appsec-utils (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 c03052298655ba853abe857c8ebbdf21fbb59942800dd2e86aeffbd8ed2751bc Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
MAL-2024-12356 Malicious code in szn-search-mlops-common (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 062d7a1b66afdb645fe65b5cc0fbd6d24390d777892168de0b2f73c5e63f2320 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
MAL-2024-12247 Malicious code in comfyui-node-pkg (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 d14c72a2c0a980d7106ed7e451501074521e6282c64d87f689b4b758f877d2ea Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
MAL-2024-12265 Malicious code in evil-pkk (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 08a7017f27a32357776a4c781a0f5d29d48569562b97c03f91811af7aaaac2ca Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
MAL-2024-12232 Malicious code in ceiec (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 d5cf3c4a49bc4c150ae7b4c95975b54be29f9c7b2ec4951a9c1d9e846f15e85d Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
BIT-PHPMYADMIN-2022-23808
An issue was discovered in phpMyAdmin 5.1 before 5.1.2. An attacker can inject malicious code into aspects of the setup script, which can allow XSS or HTML injection...
UBUNTU-CVE-2024-23831
LedgerSMB is a free web-based double-entry accounting system. When a LedgerSMB database administrator has an active session in /setup.pl, an attacker can trick the admin into clicking on a link which automatically submits a request to setup.pl without the admin's consent. This request can be used...
GLSA-202311-17 : phpMyAdmin: Multiple Vulnerabilities
The remote host is affected by the vulnerability described in GLSA-202311-17 phpMyAdmin: Multiple Vulnerabilities - PhpMyAdmin 5.1.1 and before allows an attacker to retrieve potentially sensitive information by creating invalid requests. This affects the lang parameter, the pmaparameter, and the...