MAL-2025-119075 Malicious code in cici-buburayam12-breki (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a571ebbc10cb8eac33e5ea3830e982cca7baac4b211fd217c2c118d757108be6 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-23472

Malicious code in bioql PyPI...

EUVD-2025-23339

Malicious code in bioql PyPI...

EUVD-2021-33528

Malicious code in bioql PyPI...

EUVD-2021-33529

Malicious code in bioql PyPI...

MAL-2025-37176 Malicious code in treasure-yarn-wea438-project (npm)

The package treasure-yarn-wea438-project was found to contain malicious code...

MAL-2025-20664 Malicious code in flame-treasure-nsk229-project (npm)

The package flame-treasure-nsk229-project was found to contain malicious code...

Malicious code in treasure-yarn-wea438-project (npm)

The package treasure-yarn-wea438-project was found to contain malicious code...

Malicious code in flame-treasure-nsk229-project (npm)

The package flame-treasure-nsk229-project was found to contain malicious code...

CVE-2025-8504

A vulnerability, which was classified as critical, was found in code-projects Kitchen Treasure 1.0. This affects an unknown part of the file /userregistration.php. The manipulation of the argument photo leads to unrestricted upload. It is possible to initiate the attack remotely. The exploit has...

CVE-2025-8437

A vulnerability classified as critical has been found in code-projects Kitchen Treasure 1.0. This affects an unknown part of the file /userregistration.php. The manipulation of the argument email leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclose...

CVE-2025-8504

A vulnerability, which was classified as critical, was found in code-projects Kitchen Treasure 1.0. This affects an unknown part of the file /userregistration.php. The manipulation of the argument photo leads to unrestricted upload. It is possible to initiate the attack remotely. The exploit has...

CVE-2025-8504

A vulnerability, which was classified as critical, was found in code-projects Kitchen Treasure 1.0. This affects an unknown part of the file /userregistration.php. The manipulation of the argument photo leads to unrestricted upload. It is possible to initiate the attack remotely. The exploit has...

CVE-2025-8504 code-projects Kitchen Treasure userregistration.php unrestricted upload

A vulnerability, which was classified as critical, was found in code-projects Kitchen Treasure 1.0. This affects an unknown part of the file /userregistration.php. The manipulation of the argument photo leads to unrestricted upload. It is possible to initiate the attack remotely. The exploit has...

CVE-2025-8504

CVE-2025-8504 affects code-projects Kitchen Treasure 1.0. The vulnerability is in an unknown part of /userregistration.php where manipulating the photo parameter leads to unrestricted file upload, and exploitation can be performed remotely. Multiple sources (NVD/NVD-affiliate feeds, Red Hat, CVE ...

CVE-2025-8504 code-projects Kitchen Treasure userregistration.php unrestricted upload

A vulnerability, which was classified as critical, was found in code-projects Kitchen Treasure 1.0. This affects an unknown part of the file /userregistration.php. The manipulation of the argument photo leads to unrestricted upload. It is possible to initiate the attack remotely. The exploit has...

Code-Projects Kitchen Treasure 代码问题漏洞

Code-Projects Kitchen Treasure is an open source kitchen software from Code-Projects. A code issue vulnerability exists in Code-Projects Kitchen Treasure version 1.0, which stems from the incorrect manipulation of the parameter photo in the file /userregistration.php resulting in unlimited upload...

PT-2025-31778 · Code Projects · Kitchen Treasure

Name of the Vulnerable Software and Affected Versions: code-projects Kitchen Treasure version 1.0 Description: A critical vulnerability exists in code-projects Kitchen Treasure. The issue affects an unknown part of the file /userregistration.php. Manipulation of the photo argument leads to...

CVE-2025-8437

A vulnerability classified as critical has been found in code-projects Kitchen Treasure 1.0. This affects an unknown part of the file /userregistration.php. The manipulation of the argument email leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclose...

CVE-2025-8437

A vulnerability classified as critical has been found in code-projects Kitchen Treasure 1.0. This affects an unknown part of the file /userregistration.php. The manipulation of the argument email leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclose...