13 matches found
EUVD-2021-14319
Malware in sbrugna...
EUVD-2023-0433
Malicious code in bioql PyPI...
CVE-2022-25926
Versions of the package window-control before 1.4.5 are vulnerable to Command Injection via the sendKeys function, due to improper input sanitization...
Command Injection
window-control is vulnerable to command injection. The vulnerability exists due to the lack of validation of user input in the sendKeys function of index.js, which allows an attacker to inject and execute malicious commands...
GHSA-9MJX-WFQP-J5PH window-control vulnerable to Command Injection due to improper input sanitization
window-control is an npm package that provides tools to manage window focus. Versions before 1.4.5 are vulnerable to Command Injection via the sendKeys function due to improper input sanitization...
CVE-2022-25926
Versions of the package window-control before 1.4.5 are vulnerable to Command Injection via the sendKeys function, due to improper input sanitization...
Command injection
Versions of the package window-control before 1.4.5 are vulnerable to Command Injection via the sendKeys function, due to improper input sanitization...
CVE-2022-25926
Versions of the package window-control before 1.4.5 are vulnerable to Command Injection via the sendKeys function, due to improper input sanitization...
CVE-2022-25926
Versions of the package window-control before 1.4.5 are vulnerable to Command Injection via the sendKeys function, due to improper input sanitization...
CVE-2022-25926
The CVE-2022-25926 entry concerns the npm package window-control . The vulnerability affects versions prior to 1.4.5 , where the function sendKeys does not properly sanitize input, leading to command injection . The issue is described across multiple sources (e.g., Red Hat, Snyk, GHSA advisories)...
window-control 安全漏洞
window-control is a package from Bruno Robert's personal developer. It is designed to perform tasks similar to robot.js without mouse control, but without compiling external C++ code. A security vulnerability exists in window-control versions prior to 1.4.5, which stems from incorrect input and i...
PT-2023-12837 · Npm · Window-Control
Name of the Vulnerable Software and Affected Versions: window-control versions prior to 1.4.5 Description: The issue is related to Command Injection via the sendKeys function due to improper input sanitization. This affects an npm package that provides tools to manage window focus. Recommendation...
Command Injection
Overview window-control is a package aimed to do similar tasks as robot.js without mouse control but without the compiling of external C++ code. Affected versions of this package are vulnerable to Command Injection via the sendKeys function, due to improper input sanitization. PoC js var root...