Malicious code in tango-app-api-trax (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e7d8f3ef8e6fa016bfc17617ebcedce012c6cce870d89564965a476c3ec8da1c The tarball contains live, importable credentials for systems other than the installer's own. src/controllers/internalTrax.controller.js hardcodes...

MAL-2026-4682 Malicious code in tango-app-api-trax (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e7d8f3ef8e6fa016bfc17617ebcedce012c6cce870d89564965a476c3ec8da1c The tarball contains live, importable credentials for systems other than the installer's own. src/controllers/internalTrax.controller.js hardcodes...

EUVD-2025-18626

Malicious code in bioql PyPI...

CVE-2025-46157

An issue in EfroTech Time Trax v.1.0 allows a remote attacker to execute arbitrary code via the file attachment function in the leave request form...

CVE-2025-46157

An issue in EfroTech Time Trax v.1.0 allows a remote attacker to execute arbitrary code via the file attachment function in the leave request form...

CVE-2025-46157

An issue in EfroTech Time Trax v.1.0 allows a remote attacker to execute arbitrary code via the file attachment function in the leave request form...

CVE-2025-46157

An issue in EfroTech Time Trax v.1.0 allows a remote attacker to execute arbitrary code via the file attachment function in the leave request form...

EfroTech Time Trax 安全漏洞

EfroTech Time Trax is a human resources and business operations management system from EfroTech Pakistan. A security vulnerability exists in EfroTech Time Trax v1.0, which stems from an unrestricted file attachment feature that could lead to the execution of arbitrary code...

PT-2025-26162 · Efrotech · Efrotech Timetrax

Name of the Vulnerable Software and Affected Versions: EfroTech Time Trax version 1.0 Description: An issue in EfroTech Time Trax allows a remote attacker to execute arbitrary code via the file attachment function in the leave request form. This issue is related to the CWE-434 Unrestricted Upload...

CVE-2025-46157

CVE-2025-46157 affects EfroTech Time Trax v1.0, specifically the Leave Request form in the Attendance module. The issue is an unrestricted file upload/weak server-side validation that enables remote code execution (RCE) by uploading a crafted file (e.g., changing a .txt to .asp). The CVSS v3.1 ba...

CVE-2024-11394

A flaw was found in the Trax model of the Hugging Face Transformers library. The issue results from the lack of proper validation of user-supplied data, which can result in deserialization of untrusted data. This flaw allows an attacker to execute code in the context of the current user...

PYSEC-2024-229

Hugging Face Transformers Trax Model Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Hugging Face Transformers. User interaction is required to exploit this vulnerability in th...

CVE-2024-11394

Hugging Face Transformers Trax Model Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Hugging Face Transformers. User interaction is required to exploit this vulnerability in th...

CVE-2024-11394 Hugging Face Transformers Trax Model Deserialization of Untrusted Data Remote Code Execution Vulnerability

Hugging Face Transformers Trax Model Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Hugging Face Transformers. User interaction is required to exploit this vulnerability in th...

BDSMIS TraX with Payroll SQL Injection Vulnerability

No description provided by source. Author: L0rd CrusAd3r aka VSN [email protected] Exploit Title:BDSMIS TraX with Payroll SQL Vulnerable Code: ASP 3.0 & VBScript Vendor url:http://bdsmis.com Version:4.2 Price:89$ Published: 2010-06-1 Greetz to:Sid3^effects, MaYur, M4n0j, Dark Blue,...

BDSMIS TraX with Payroll SQL Vulnerable

Exploit for asp platform in category web applications ======================================= BDSMIS TraX with Payroll SQL Vulnerable ======================================= 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ ...

BDSMIS TraX with Payroll - SQL Injection

BDSMIS TraX with Payroll - SQL Injection 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 1 0 + Site :...

BDSMIS TraX with Payroll - SQL Injection

1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 1 0 + Site : Inj3ct0r.com 0 1 + Support e-mail :...