Malicious Package

Overview francium-web-visitors is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

Malicious code in francium-web-visitors (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 72629df67c0b81a1d120987aca534bd8096a0cbb2a9898a327a2dc2d1b8a0a49 The package francium-web-visitors was found to contain malicious code. Source: ghsa-malware...

MAL-2026-243 Malicious code in francium-web-visitors (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 72629df67c0b81a1d120987aca534bd8096a0cbb2a9898a327a2dc2d1b8a0a49 The package francium-web-visitors was found to contain malicious code. Source: ghsa-malware...

EUVD-2026-2406

Malicious code in francium-web-visitors npm...

Ultimate Product Catalogue <= 3.1.2 - Unauthenticated SQL Injection

Unauthenticated SQL injection in ajax call when the plugin is counting the times a product is being seen by the web visitors. The vulnerable POST parameter is "ItemID". Vulnerable code: In file Functions/ProcessAjax.php line 67: ... $ItemID = $POST'ItemID'; $Item = $wpdb-getrow"SELECT ItemViews...

WordPress Plugin Ultimate Product Catalogue - SQL Injection (1)

Exploit Title: Unauthenticated SQLi in ItemID POST parameter on Ultimate Product Catalogue wordpress plugin Google Dork: inurl:"SingleProduct" intext:"Back to catalogue" intext:"Category", inurl:"/wp-content/plugins/ultimate-product-catalogue/product-sheets/" Date: 22/04/2015 Exploit Author: Feli...