MAL-2025-5530 Malicious code in youku-search (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware b00b0a5a0eba683c7f82dad3045f887ca7a71565b92dd9beaa8b3e54bc74b03c Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in youku-search (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware b00b0a5a0eba683c7f82dad3045f887ca7a71565b92dd9beaa8b3e54bc74b03c Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

SQL Injection Vulnerability in the Classifieds Navigation System of Youk365 Website (CNVD-2021-52070)

Uc365 website classification and navigation system is a cross-platform open source software, based on PHP + MYSQL development and construction of open source website classification and catalog management system. Uke365 website category navigation system SQL injection vulnerability , attackers can...

Weak password vulnerability in Youku Tudou Routerbot

Youku Tudou Routerbo is a smart router. A weak password vulnerability exists in Youku Tudou Routerbo, which can be exploited by attackers to obtain sensitive information...

Unauthorized Access Vulnerability in Youku Routerbot

Youku Routerbot is a smart router. Unauthorized access vulnerability exists in Youku Routerbao, which can be exploited by attackers to obtain sensitive information...

Youku (Windows client) suffers from a dll hijacking vulnerability

Youku is a video platform under the Big Youku Business Group of Alibaba Culture & Entertainment Group. A dll hijacking vulnerability exists in Youku Windows client. An attacker can exploit this vulnerability to execute malicious code...

Panda Accelerator of Jiangsu Youku Network Technology Co. Ltd. suffers from dll hijacking vulnerability

Panda gas pedal is a powerful online game gas pedal, using a new node intelligent matching algorithm, more stable and reliable transmission channel, optimized for steam and other platforms, effectively solving the problem of high latency and other issues for players. Ltd. Panda gas pedal dll...

Command Execution Vulnerability in Youku Video PC Client Software

Youku is a video platform under the Big Youku Business Group of Alibaba Culture & Entertainment Group. A command execution vulnerability exists in the Youku Video pc client software, which allows an attacker to inject an executable DLL file into the client process to perform arbitrary functions...

Youku client update process suffers from arbitrary file download vulnerability

Youku PC client is a video player that supports both online and local use. An arbitrary file download vulnerability exists in the Youku PC client update process. The vulnerability is caused by the client update process using an insecure HTTP communication protocol to interact with the server, and...

Memory Corruption Vulnerability in Youku PC Player (CNVD-2017-35557)

Youku PC Player is video player software for Youku.com. A memory corruption vulnerability exists in YoukuNplayer.exe of Youku P Player when parsing special vob video files, which can be exploited by attackers to cause a denial of service or code execution...

Memory Corruption Vulnerability in Youku PC Player (CNVD-2017-34143)

Youku PC Player is video player software for Youku.com. A memory corruption vulnerability exists in YoukuNplayer.exe when parsing special 3gp video files, which can be exploited by attackers to cause a denial of service or code execution...

Buffer Overflow Vulnerability in Youku PC Player

Youku PC Player is a video player for Youku.com. YoukuNplayer.exe is vulnerable to a buffer overflow vulnerability when parsing special vod files. An attacker exploiting this vulnerability could cause a denial of service or execute arbitrary code...

Memory Corruption Vulnerability in Youku PC Player

Youku PC Player is a video player for Youku.com. A memory corruption vulnerability exists in YoukuNplayer.exe when parsing special mp4 files, which can be exploited by attackers to cause a denial of service...

Code Execution Vulnerability in Youku PC Client

Youku pc client is a video player that supports both online and local use. A remote code execution vulnerability exists in Youku PC client. The vulnerability is caused due to the failure of the browser ActiveX object to effectively filter incoming parameters, which can be exploited by an attacker...

youku.com XSS vulnerability

Vulnerable URL: http://www.youku.com/volist/c100g%E7%BE%8E%E5%B0%91%E5%A5%B3s1d1pt1.html?h=%22%3E%3Csvg/onload=prompt%28/OPENBUGBOUNTY/%29%3E Details: Description| Value ---|--- Patched:| Yes, at 01.06.2016 Latest check for patch:| 01.06.2016 00:23 GMT Vulnerability type:| XSS Vulnerability...

youku.com XSS vulnerability

Vulnerable URL: http://www.youku.com/volist/c100g%E7%BE%8E%E5%B0%91%E5%A5%B3s1d1pt1.html?a=%22%3E%3Csvg/onload=prompt%28/OPENBUGBOUNTY/%29%3E Details: Description| Value ---|--- Patched:| Yes, at 01.06.2016 Latest check for patch:| 01.06.2016 00:22 GMT Vulnerability type:| XSS Vulnerability...

Youku Client Detection

Binary data 8296.prm...

Youku open platform storage type XSS script attack vulnerability success hijacking the background-bug warning-the black bar safety net

Youku open platform in the“Create an application”feature of the plurality of fields, not from the client to submit the variables into the database, the output of the safety of the escape process. http://open.youku.com/app/create ! Lead can be directly stepped into the background. Vulnerability...

iphone end Taobao,Netease,youku Application Data transmission vulnerability-vulnerability warning-the black bar safety net

Lethal leaderboards【Iphone 9 1 assistant recommended list within the software disclosure of user information Full street smart machine. Full street public WIFI and the phone side of the application but worrying ! On the figure for the iphone end of the lower test platform The current wireless...

New Trojan Targets User Credentials on Popular Sites

A new information-stealing Trojan, believed to be of Chinese origin, has been identified by Avira researchers. This malware targets usernames and passwords for a variety of popular websites, including YouTube, Google, and PayPal, as well as Chinese sites like Youku, Tudou, Sogou, and Soho. The...