
18 matches found

OSSF Malicious Packages
added 2026/05/20 11:24 a.m. · 6 views

Malicious code in tango-app-api-trax (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5c14d60a97b056e00cb3055bd07605c2f16482794e5860fee68cab46f308893d The package tarball includes a Google Cloud service-account JSON file fir-51e77-firebase-adminsdk-x3sdp-fd902b74ae.json containing a live RSA private...

5.8 AI score
Exploits 0 · References 1
OSV
added 2026/05/20 11:24 a.m. · 3 views

MAL-2026-4682 Malicious code in tango-app-api-trax (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5c14d60a97b056e00cb3055bd07605c2f16482794e5860fee68cab46f308893d The package tarball includes a Google Cloud service-account JSON file fir-51e77-firebase-adminsdk-x3sdp-fd902b74ae.json containing a live RSA private...

5.8 AI score
Exploits 0 · References 1
EUVD
added 2025/10/03 8:7 p.m. · 4 views

EUVD-2025-18626

Malicious code in bioql PyPI...

9.9 CVSS · 6.5 AI score · 0.00887 EPSS
Exploits 2 · References 3
RedhatCVE
added 2025/06/23 8:41 a.m. · 3 views

CVE-2025-46157

An issue in EfroTech Time Trax v.1.0 allows a remote attacker to execute arbitrary code via the file attachment function in the leave request form...

9.9 CVSS · 8.2 AI score · 0.00887 EPSS
Exploits 2 · References 1
NVD
added 2025/06/18 2:15 p.m. · 3 views

CVE-2025-46157

An issue in EfroTech Time Trax v.1.0 allows a remote attacker to execute arbitrary code via the file attachment function in the leave request form...

9.9 CVSS · 0.00887 EPSS
Exploits 2 · References 3
Positive Technologies
added 2025/06/18 12:0 a.m. · 3 views

PT-2025-26162 · Efrotech · Efrotech Timetrax

Name of the Vulnerable Software and Affected Versions: EfroTech Time Trax version 1.0 Description: An issue in EfroTech Time Trax allows a remote attacker to execute arbitrary code via the file attachment function in the leave request form. This issue is related to the CWE-434 Unrestricted Upload...

9.9 CVSS · 7.3 AI score · 0.00887 EPSS
Exploits 2 · References 9
CNNVD
added 2025/06/18 12:0 a.m. · 1 view

EfroTech Time Trax Security Vulnerability

EfroTech Time Trax is a human resources and business operations management system from EfroTech Pakistan. A security vulnerability exists in EfroTech Time Trax v1.0, which stems from an unrestricted file attachment feature that could lead to the execution of arbitrary code...

9.9 CVSS · 6.8 AI score · 0.00887 EPSS
Exploits 2 · References 3
Cvelist
added 2025/06/18 12:0 a.m. · 8 views

CVE-2025-46157

An issue in EfroTech Time Trax v.1.0 allows a remote attacker to execute arbitrary code via the file attachment function in the leave request form...

0.00887 EPSS
Exploits 2 · References 3
Vulnrichment
added 2025/06/18 12:0 a.m. · 3 views

CVE-2025-46157

An issue in EfroTech Time Trax v.1.0 allows a remote attacker to execute arbitrary code via the file attachment function in the leave request form...

9.7 AI score · 0.00887 EPSS
Exploits 2 · References 3
CVE
added 2025/06/18 12:0 a.m. · 16 views

CVE-2025-46157

CVE-2025-46157 affects EfroTech Time Trax v1.0, specifically the Leave Request form in the Attendance module. The issue is an unrestricted file upload/weak server-side validation that enables remote code execution (RCE) by uploading a crafted file (e.g., changing a .txt to .asp). The CVSS v3.1 ba...

9.9 CVSS · 7.6 AI score · 0.00887 EPSS
Exploits 2 · References 3 · Affected Software 1
RedhatCVE
added 2024/11/25 6:21 p.m. · 20 views

CVE-2024-11394

A flaw was found in the Trax model of the Hugging Face Transformers library. The issue results from the lack of proper validation of user-supplied data, which can result in deserialization of untrusted data. This flaw allows an attacker to execute code in the context of the current user...

8.8 CVSS · 7 AI score · 0.65048 EPSS
Exploits 1 · References 4
NVD
added 2024/11/22 10:15 p.m. · 18 views

CVE-2024-11394

Hugging Face Transformers Trax Model Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Hugging Face Transformers. User interaction is required to exploit this vulnerability in th...

8.8 CVSS · 0.65048 EPSS
Exploits 1 · References 1
PyPA
added 2024/11/22 10:15 p.m. · 8 views

PYSEC-2024-229

Hugging Face Transformers Trax Model Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Hugging Face Transformers. User interaction is required to exploit this vulnerability in th...

8.8 CVSS · 7.7 AI score · 0.65048 EPSS
Exploits 1 · References 1 · Affected Software 1
Vulnrichment
added 2024/11/22 9:23 p.m. · 22 views

CVE-2024-11394 Hugging Face Transformers Trax Model Deserialization of Untrusted Data Remote Code Execution Vulnerability

Hugging Face Transformers Trax Model Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Hugging Face Transformers. User interaction is required to exploit this vulnerability in th...

8.8 CVSS · 7.9 AI score · 0.65048 EPSS
Exploits 1 · References 1
seebug.org
added 2010/06/13 12:0 a.m. · 15 views

BDSMIS TraX with Payroll SQL Injection Vulnerability

No description provided by source. Author: L0rd CrusAd3r aka VSN [email protected] Exploit Title:BDSMIS TraX with Payroll SQL Vulnerable Code: ASP 3.0 & VBScript Vendor url:http://bdsmis.com Version:4.2 Price:89$ Published: 2010-06-1 Greetz to:Sid3^effects, MaYur, M4n0j, Dark Blue,...

7.1 AI score
Exploits 0
exploitpack
added 2010/06/12 12:0 a.m. · 7 views

BDSMIS TraX with Payroll - SQL Injection


0.5 AI score
Exploits 0
0day.today
added 2010/06/12 12:0 a.m. · 24 views

BDSMIS TraX with Payroll SQL Vulnerable

Exploit for asp platform in category web applications. BDSMIS TraX with Payroll SQL Vulnerable...

6.7 AI score
Exploits 0
Exploit DB
added 2010/06/12 12:0 a.m. · 30 views

BDSMIS TraX with Payroll - SQL Injection


7 AI score
Exploits 0