79 matches found
CVE-2023-53985
Zstore, now referred to as Zippy CRM, 6.5.4 contains a reflected cross-site scripting vulnerability that allows attackers to inject malicious scripts through unvalidated input parameters. Attackers can submit crafted payloads in manual insertion points to execute arbitrary JavaScript code in...
CVE-2023-53985
Zstore, now referred to as Zippy CRM, 6.5.4 contains a reflected cross-site scripting vulnerability that allows attackers to inject malicious scripts through unvalidated input parameters. Attackers can submit crafted payloads in manual insertion points to execute arbitrary JavaScript code in...
CVE-2023-53985
Zstore, now referred to as Zippy CRM, 6.5.4 contains a reflected cross-site scripting vulnerability that allows attackers to inject malicious scripts through unvalidated input parameters. Attackers can submit crafted payloads in manual insertion points to execute arbitrary JavaScript code in...
CVE-2023-53985 Zstore 6.5.4 - Reflected Cross-Site Scripting (XSS)
Zstore, now referred to as Zippy CRM, 6.5.4 contains a reflected cross-site scripting vulnerability that allows attackers to inject malicious scripts through unvalidated input parameters. Attackers can submit crafted payloads in manual insertion points to execute arbitrary JavaScript code in...
CVE-2023-53985 Zstore 6.5.4 - Reflected Cross-Site Scripting (XSS)
Zstore, now referred to as Zippy CRM, 6.5.4 contains a reflected cross-site scripting vulnerability that allows attackers to inject malicious scripts through unvalidated input parameters. Attackers can submit crafted payloads in manual insertion points to execute arbitrary JavaScript code in...
Zippy-CRM 跨站脚本漏洞
Zippy-CRM is an accounting system with a web interface by Leon Personal Developer. A cross-site scripting vulnerability exists in Zippy-CRM version 6.5.4 that stems from unvalidated input parameters and could lead to a reflected cross-site scripting attack...
PT-2026-2417
Name of the Vulnerable Software and Affected Versions Zippy CRM version 6.5.4 Description The software contains a reflected cross-site scripting issue that enables attackers to inject malicious scripts via unvalidated input parameters. Attackers can submit crafted payloads in manual insertion...
EUVD-2025-99318
Malicious code in zippyweaselz3n npm...
Malicious code in zippy_bass_z3n (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c002b4a3d86ee9902a01349076a76d59f7e327a028ed461c480a4a41913a4c23 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2025-93598
Malicious code in zippysnipez3n npm...
Malicious code in zippy_tarantula-appteadev (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0eeefa2515acaadc3022975249ad3caa109ce72517eea61400ad92601e2412f9 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2025-75112
Malicious code in zippytarantula-appteadev npm...
EUVD-2025-83119
Malicious code in zippytermitez3n npm...
MAL-2025-97545 Malicious code in zippy_piranha_z3n (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f6b1d3b942c5a9318687c6bed29835e57013350f71c2b08a5dadc1365abadf1f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in zippy_cod_z3n (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b888a12ec3c94c590a8e5ee319d6d921eddabdc4f76b64f003027387edb5b40f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-82770 Malicious code in zippy_whippet_z3n (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e5c298a7560f304dda34bf3769f6ba2cfae8b29211945a8acda181f6a7d421b2 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in zippy-green-alpaca (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ca3e020b7eae784c2807e8f9a4f563cbac998c5878f005132b89ed043b28aac5 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2025-50863
Malicious code in zippy-scarlet-ant npm...
EUVD-2025-50865
Malicious code in zippy-green-alpaca npm...
EUVD-2025-50867
Malicious code in zippy-aqua-deer npm...