40 matches found
CVE-2021-33496
Dutchcoders transfer.sh before 1.2.4 allows XSS via an inline view...
EUVD-2021-1414
Malware in sbrugna...
EUVD-2021-1310
Malware in sbrugna...
EUVD-2022-6901
Malicious code in bioql PyPI...
CVE-2022-40931
dutchcoders Transfer.sh 1.4.0 is vulnerable to Cross Site Scripting XSS...
CVE-2021-33497
Dutchcoders transfer.sh before 1.2.4 allows Directory Traversal for deleting files...
GO-2022-0925 Path Traversal in Dutchcoders transfer.sh in github.com/dutchcoders/transfer.sh
Path Traversal in Dutchcoders transfer.sh in github.com/dutchcoders/transfer.sh...
GO-2022-0924 Cross-site scripting in Dutchcoders transfer.sh in github.com/dutchcoders/transfer.sh
Cross-site scripting in Dutchcoders transfer.sh in github.com/dutchcoders/transfer.sh...
New Cryptojacking Campaign Leverages Misconfigured Redis Database Servers
Misconfigured Redis database servers are the target of a novel cryptojacking campaign that leverages a legitimate and open source command-line file transfer service to implement its attack. "Underpinning this campaign was the use of transfer.sh," Cado Security said in a report shared with The...
Experts Identify Fully-Featured Info Stealer and Trojan in Python Package on PyPI
A malicious Python package uploaded to the Python Package Index PyPI has been found to contain a fully-featured information stealer and remote access trojan. The package, named colourfool, was identified by Kroll's Cyber Threat Intelligence team, with the company calling the malware Colour-Blind...
Cross-site Scripting (XSS)
github.com/dutchcoders/transfer.sh is vulnerable to cross-site scriptingXSS attacks. The library is unable to determine the content type of the file inserted through ContentType metadata, which allows an attacker to inject and execute malicious javascript on victim's browser...
GHSA-PWQ7-F7F9-CM2J Dutchoders transfer.sh contains an XSS vulnerability via malicious file upload
dutchcoders Transfer.sh versions 1.4.0 and prior are vulnerable to Cross Site Scripting XSS via a malicious document uploaded in transfer.sh. There is a fix commit merged into main for this issue, but an updated version has not yet been released...
Dutchoders transfer.sh contains an XSS vulnerability via malicious file upload
dutchcoders Transfer.sh versions 1.4.0 and prior are vulnerable to Cross Site Scripting XSS via a malicious document uploaded in transfer.sh. There is a fix commit merged into main for this issue, but an updated version has not yet been released...
CVE-2022-40931
dutchcoders Transfer.sh 1.4.0 is vulnerable to Cross Site Scripting XSS...
CVE-2022-40931
dutchcoders Transfer.sh 1.4.0 is vulnerable to Cross Site Scripting XSS...
Cross site scripting
dutchcoders Transfer.sh 1.4.0 is vulnerable to Cross Site Scripting XSS...
CVE-2022-40931
dutchcoders Transfer.sh 1.4.0 is vulnerable to Cross Site Scripting XSS...
CVE-2022-40931
CVE-2022-40931 affects dutchcoders Transfer.sh 1.4.0 with a Cross-Site Scripting (XSS) vulnerability. Public sources summarize XSS through malicious content uploads and an inability to properly infer content type, enabling injected JavaScript in affected clients. Documents consistently identify T...
CVE-2022-40931
dutchcoders Transfer.sh 1.4.0 is vulnerable to Cross Site Scripting XSS...
Dutchcoders Transfer.sh 跨站脚本漏洞
Transfer.sh is a sh script for Dutchcoders to create shared files. Easily and quickly share files via the command line. This code contains everything needed for the server as well as creating your own instance. A security vulnerability exists in Dutchcoders Transfer.sh version 1.4.0 that stems fr...