4072 matches found

Huntr
•added 2020/10/23 12:0 a.m.•8 views

Prototype Pollution in coderaiser/nessy

Description nessy is vulnerable to Prototype Pollution. This package allows modification of prototype behavior, which may result in Information Disclosure/DoS/RCE. Proof of Concept 1. Create the following PoC file: js // poc.js var nessy = require"nessy" var obj = console.log"Before : " +...

AI score: 1.8 • Exploits: 0

Huntr
•added 2020/10/22 12:0 a.m.•16 views

Prototype Pollution in sonnyp/json8

Description json8-pointer is vulnerable to Prototype Pollution. This package allows modification of prototype behavior, which may result in Information Disclosure/DoS/RCE. Proof of Concept 1. Create the following PoC file: js // poc.js var json8Pointer = require"json8-pointer"...

AI score: 2.1 • Exploits: 0

Huntr
•added 2020/10/22 12:0 a.m.•13 views

Prototype Pollution in sonnyp/json8

Description json8-patch is vulnerable to Prototype Pollution. This package allows modification of prototype behavior, which may result in Information Disclosure/DoS/RCE. Proof of Concept 1. Create the following PoC file: js // poc.js var json8Patch = require"json8-patch" var obj = const pat...

AI score: 1.3 • Exploits: 0

Huntr
•added 2020/10/20 12:0 a.m.•10 views

Cross-site Scripting (XSS) - Generic in alibaba/bizcharts

Description bizcharts is vulnerable to Cross-Site Scripting (XSS). Steps To Reproduce: 1. Open NPM repo https://www.npmjs.com/package/bizcharts 2. Open the demo https://bizcharts.net/product/BizCharts4/gallery 3. Select any chart (I used pie chart). Ex: https://bizcharts.net/product/BizCharts4/demo/37...

Exploits: 0

Huntr
•added 2020/10/16 12:0 a.m.•22 views

in microweber/microweber

Description microweber/microweber is vulnerable to Arbitrary File Upload. Effective controls have not been implemented to restrict users from uploading malicious content to the web server. Files containing code like .php, .exe, etc. can be uploaded successfully. Steps To Reproduce: 1. Login in...

CVSS: 7.5 • AI score: 2 • EPSS: 0.01299 • Exploits: 0

Huntr
•added 2020/10/15 12:0 a.m.•32 views

Denial of Service in locutusjs/locutus

Description locutus is vulnerable to ReDoS. The regular expression at src/php/network/inetpton.js:24 is vulnerable to ReDoS. It is possible to cause increasing slow-downs which lock the event loop by passing strings which have some number of repeating a characters followed by a . character. For...

CVSS: 7.5 • AI score: 0.5 • EPSS: 0.02753 • Exploits: 1 • References: 1

Huntr
•added 2020/10/15 12:0 a.m.•39 views

Prototype Pollution in yargs/y18n

Description y18n is vulnerable to Prototype Pollution. This package allows modification of prototype behavior, which may result in Information Disclosure/DoS/RCE. Proof of Concept 1. Create the following PoC file: js // poc.js const y18n = require'y18n'; var obj = console.log"Before : " +...

CVSS: 7.5 • AI score: 1.8 • EPSS: 0.69062 • Exploits: 1

Huntr
•added 2020/10/12 12:0 a.m.•11 views

Prototype Pollution in sagold/gson-query

Description gson-query is vulnerable to Prototype Pollution. This package allows modification of prototype behavior, which may result in Information Disclosure/DoS/RCE. Proof of Concept 1. Create the following PoC file: js // poc.js var gsonQuery = require"gson-query" var obj =...

AI score: 1.9 • Exploits: 0

Huntr
•added 2020/10/12 12:0 a.m.•21 views

Prototype Pollution in starcounter-jack/json-patch

Description fast-json-patch is vulnerable to Prototype Pollution. This package allows modification of prototype behavior, which may result in Information Disclosure/DoS/RCE. Proof of Concept 1. Create the following PoC file: js // poc.js let fastjsonpatch = require"fast-json-patch"; functio...

AI score: 1.2 • Exploits: 0

Huntr
•added 2020/09/24 12:0 a.m.•12 views

Cross-site Scripting (XSS) - Generic in dolibarr/dolibarr

Description The application is vulnerable to HTML injection in password reset functionality. PoC CLICK ME...

AI score: 0.9 • Exploits: 0

Huntr
•added 2020/09/23 12:0 a.m.•29 views

Prototype Pollution in yeikos/js.merge

Overview merge is used to merge multiple objects into one object. Affected versions of this package are vulnerable to Prototype Pollution via the merge.recursive function. It can be tricked into adding or modifying properties of the Object prototype. These properties will be present on all object...

CVSS: 7.5 • AI score: 2.9 • EPSS: 0.01443 • Exploits: 0

Huntr
•added 2020/09/17 12:0 a.m.•22 views

in seleniumhq/selenium

Description Selenium is an umbrella project encapsulating a variety of tools and libraries enabling web browser automation. Selenium specifically provides infrastructure for the W3C WebDriver specification — a platform and language-neutral coding interface compatible with all major web browsers...

AI score: 2.3 • Exploits: 0

Huntr
•added 2020/09/15 12:0 a.m.•13 views

Prototype Pollution in liriliri/licia

Description licia package is vulnerable to a prototype pollution issue. Files can be found in https://github.com/liriliri/licia/blob/master/src/e/extendDeep.js & https://github.com/liriliri/licia/blob/master/src/s/safeSet.js#L46 Proof of Concept 1. Creating poc filed js var utils = require'licia'; va...

AI score: 1.1 • Exploits: 0

Huntr
•added 2020/09/14 12:0 a.m.•55 views

Prototype Pollution in mariocasciaro/object-path

Overview object-path is a tiny JavaScript utility to access deep properties using a path for Node and the Browser. Prototype Pollution refers to the ability to inject properties into existing JavaScript language construct prototypes, such as objects. JavaScript allows all Object attributes to be...

CVSS: 6.8 • AI score: 0.8 • EPSS: 0.01528 • Exploits: 0

Huntr
•added 2020/09/14 12:0 a.m.•16 views

Prototype Pollution in pierreinglebert/json-merge-patch

Description json-merge-patch is vulnerable to Prototype Pollution. This package fails to restrict access to prototypes of objects, allowing for modification of prototype behavior using a proto payload, which may result in Information Disclosure/DoS/RCE. Proof of Concept 1. Create the following Po...

AI score: 1.7 • Exploits: 0

Huntr
•added 2020/09/13 12:0 a.m.•10 views

Cross-site Scripting (XSS) - Generic in forkcms/forkcms

Description ForkCMS is an easy to use open source CMS using Symfony Components. This package is vulnerable to Stored Cross-Site Scripting (XSS). https://github.com/forkcms/forkcms Steps To Reproduce: 1. Install https://github.com/forkcms/forkcms locally or https://demo.fork-cms.com/private/ use demo...

AI score: 6.4 • Exploits: 0 • References: 1

Huntr
•added 2020/09/13 12:0 a.m.•9 views

Cross-site Scripting (XSS) - Generic in jsdecena/laracom

Description Laracom (Laravel FREE E-Commerce Software): this package is vulnerable to Stored Cross-Site Scripting (XSS). https://github.com/jsdecena/laracom Steps To Reproduce: 1. Install https://github.com/jsdecena/laracom locally or https://shop.laracom.net/ use demo 2. In search bar enter javascript...

CVSS: 4.3 • AI score: 0.3 • EPSS: 0.00875 • Exploits: 1 • References: 1

Huntr
•added 2020/09/13 12:0 a.m.•25 views

Exposure of Sensitive Information to an Unauthorized Actor in traduora/traduora

Description Username Enumeration in traduora. Proof of Concept 1. setup traduora to reproduce the vulnerability 2. go to sign in page http://localhost:8080/login 3. Append non registered user email and password it shows Error,resource not found 4. when Appending correct username and fake password...

AI score: 0.2 • Exploits: 0 • References: 2

Huntr
•added 2020/09/09 12:0 a.m.•13 views

Cross-site Scripting (XSS) - Generic in dolibarr/dolibarr

Description This package is vulnerable to Cross-site Scripting (XSS). The module renders user controllable value in the browser. In "card-rec.php" file, user controllable value coming from $_POST["titre"] is directly appended to input field which will reflect back user provided string. An Attacker ca...

AI score: 0.9 • Exploits: 0

Huntr
•added 2020/09/08 12:0 a.m.•13 views

Prototype Pollution in whitfin/dot-notes-js

Overview dot-notes provides two-way conversions between objects and dot/bracket notation. This package is vulnerable to Prototype Pollution via the create function. Proof of Concept const dots = require'dot-notes'; dots.create, 'proto.polluted', true; console.logpolluted;...

AI score: 4.9 • Exploits: 0

Huntr
•added 2020/09/08 12:0 a.m.•11 views

Prototype Pollution in acstll/deep-get-set

Description deep-set-get is a Set and get values on objects via dot-notation strings. This package is vulnerable to prototype pollution. POC const deep = require'deep-get-set'; deep,'proto','polluted',true; console.logpolluted;...

AI score: 2 • Exploits: 0

Huntr
•added 2020/09/05 12:0 a.m.•21 views

Cross-site Scripting (XSS) - Stored in arachnys/cabot

Description Executed Persistent stored XSS in cabot check settings, as well as the address field. As per CVEs present Stored XSS is a High Severity bug. Proof of Concept 1. setup cabot to reproduce the vulnerability 2. create an account now login to the account 3. Go to checks Create and navigate...

AI score: 0.4 • Exploits: 0 • References: 3

Huntr
•added 2020/09/03 12:0 a.m.•14 views

Code Injection in swig/swig

Description SWIG is a compiler that integrates C and C++ with languages including Perl, Python, Tcl, Ruby, PHP, Java, C, D, Go, Lua, Octave, R, Scheme Guile, MzScheme/Racket, Scilab, Ocaml. SWIG can also export its parse tree into XML. One of the python tools of swig include a mkdist.py script...

AI score: 1.6 • Exploits: 0

Huntr
•added 2020/09/02 12:0 a.m.•40 views

Command Injection in juanfran/gulp-scss-lint

Overview gulp-scss-lint is a Lint for your .scss files, this package is vulnerable to Command Injection. It is possible to inject arbitrary commands to the exec function located in src/command.js via the provided options. Proof of Concept by JHU System Security Lab var root =...

CVSS: 7.5 • AI score: 4.9 • EPSS: 0.02644 • Exploits: 1

Huntr
•added 2020/09/02 12:0 a.m.•93 views

Command Injection in kylefarris/clamscan

Overview clamscan is a Use Node JS to scan files on your server with ClamAV's clamscan binary or clamdscan daemon. This is especially useful for scanning uploaded files provided by un-trusted sources. This package is vulnerable to Command Injection; it is possible to inject arbitrary commands a...

CVSS: 6.8 • AI score: 1.8 • EPSS: 0.02122 • Exploits: 1

Huntr
•added 2020/09/01 12:0 a.m.•11 views

OS Command Injection in adrieankhisbe/bundle-phobia-cli

Description BundlePhobia is a tool to help you find the cost of adding a npm package to your bundle. It enables you to query package sizes. The npm-utils.js has an unsanitized exec function which leads to Arbitrary code execution. Proof-of-concept const util = require'./npm-utils.js'; let a =...

AI score: 2.1 • Exploits: 0

Huntr
•added 2020/09/01 12:0 a.m.•25 views

Cross-site Scripting (XSS) - Stored in monicahq/monica

Description HTML codes can be entered and successfully run in the journal session of Monica, which allows an attacker to trigger XSS queries like causing a persistent stored XSS in the journal session. files at monica/2. Fix Suggestion Sanitize the input / escape the XSS characters or else escape...

CVSS: 3.5 • AI score: 0.5 • EPSS: 0.0089 • Exploits: 1

Huntr
•added 2020/08/23 12:0 a.m.•12 views

Code Injection in ionicabizau/git-stats

Overview git-stats is a js package for local git statistics including GitHub-like contributions calendars. Affected versions of this package are vulnerable to Command Injection. It is possible to inject arbitrary commands by using a semicolon char in any of the options.start or options.end values...

AI score: 3.1 • Exploits: 0

Huntr
•added 2020/08/20 12:0 a.m.•26 views

Prototype Pollution in kvz/locutus

Description phpjs is a community built PHP binding in JavaScript. This package is vulnerable to Prototype Pollution via parsestr. Proof of Concept const phpjs = require'phpjs'; phpjs.parsestr"protopolluted=true",; console.logpolluted;...

CVSS: 7.5 • AI score: 2.2 • EPSS: 0.01916 • Exploits: 1 • References: 1

Huntr
•added 2020/08/17 12:0 a.m.•11 views

in imsobear/node-browser

Overview node-browser is a wrapper webdriver by Node.js, this package is vulnerable to Man in the Middle (MitM) attacks due to downloading resources over an insecure protocol. Without a secure connection, it is possible for an attacker to intercept this connection and alter the packages received. I...

AI score: 3.4 • Exploits: 0

Huntr
•added 2020/08/17 12:0 a.m.•17 views

in spunjs/selenium-binaries

Overview selenium-binaries assists downloading Selenium related binaries for your OS, this package is vulnerable to Man in the Middle (MitM) attacks due to downloading resources over an insecure protocol...

CVSS: 9.3 • AI score: 4.2 • EPSS: 0.01752 • Exploits: 0

Huntr
•added 2020/08/17 12:0 a.m.•24 views

Path Traversal in marcbachmann/node-html-pdf

Overview html-pdf is a Html to pdf converter in Node.js, this package is vulnerable to Arbitrary File Read. The package fails to sanitize the HTML input, allowing attackers to exfiltrate server files by supplying malicious HTML code. XHR requests in the HTML code are executed by the server. Input...

AI score: 4.1 • Exploits: 0 • References: 1

Huntr
•added 2020/08/17 12:0 a.m.•16 views

Insecure Storage of Sensitive Information in smirzaei/rails-session-decoder

Overview rails-session-decoder is a simple utility for decoding Rails 4.x sessions in Node.js, this package is vulnerable to Information Exposure. Missing verification of the Message Authentication Code appended to the cookies may lead to decryption of cipher text, exposing encrypted information...

AI score: 2.3 • Exploits: 0 • References: 1

Huntr
•added 2020/08/17 12:0 a.m.•11 views

Path Traversal in youngerheart/nodeserver

Overview nodeserver is a Achieve node server's domain name resolution and web application's router, this package is vulnerable to Directory Traversal, which may allow access to sensitive files and data on the server. For example, requesting the following URL: /../../etc/passwd would result in...

AI score: 4.3 • Exploits: 0 • References: 1

Huntr
•added 2020/08/17 12:0 a.m.•11 views

Path Traversal in rwson/server-static

Overview server-static is a static file server, this package is vulnerable to Directory Traversal, which may allow access to sensitive files and data on the server. For example, requesting the following URL: /../../etc/passwd would result in /etc/passwd leaking...

AI score: 4.1 • Exploits: 0 • References: 1

Huntr
•added 2020/08/14 12:0 a.m.•13 views

Path Traversal in simbco/httpster

Description I would like to report a Path Traversal vulnerability in the httpster module. It allows an attacker to read system files via a Path Traversal vulnerability. With a symbolically linked file in the working directory, it is possible to read arbitrary files outside of the web root...

AI score: 1.5 • Exploits: 0 • References: 3

Huntr
•added 2020/08/10 12:0 a.m.•12 views

Cross-site Scripting (XSS) - Generic in dolibarr/dolibarr

Overview Affected versions of this package are vulnerable to Cross-site Scripting (XSS). Special characters provided as part of the Referer HTTP header are reflected within htdocs/user/passwordforgotten.php...

CVSS: 3.5 • AI score: 2.5 • EPSS: 0.00851 • Exploits: 1

Huntr
•added 2020/08/06 12:0 a.m.•11 views

Command Injection in sh0ji/git-tags-remote

Overview git-tags-remote is a Get remote repository tags, this package is vulnerable to Command Injection. The package fails to sanitize the repository input and passes it directly to an exec call on the get function. This can allow attackers to execute arbitrary code in the system if the...

AI score: 4.1 • Exploits: 0 • References: 1

Huntr
•added 2020/07/30 12:0 a.m.•6 views

Cross-site Scripting (XSS) - Generic in dolibarr/dolibarr

Description dolibarr is a modern and easy to use web software to manage your business. The error page is vulnerable to self XSS because of lack of escaping on $_SERVER['HTTP_USER_AGENT'] variable before printing it. The flaw is in the dol_print_error function in the htdocs/core/lib/functions.lib.php fil...

AI score: 0.5 • Exploits: 0

Huntr
•added 2020/07/30 12:0 a.m.•22 views

Code Injection in z4nzu/hackingtool

Description The hackingtool by Z4nzu is a pool of pentest tools that is useful to hackers to do fast hacking from information gathering to web attacks to wireless hacking and much more which are provided in terminal UI. It is built using python3. However it uses os.system command in various place...

AI score: 1.1 • Exploits: 0

Huntr
•added 2020/07/28 12:0 a.m.•16 views

Code Injection in mahdaen/node-import

Overview node-import is a package that imports dependencies and run it directly or concatenate them and exports to file. This package is vulnerable to Arbitrary Code Execution. The params argument of the module function can be controlled by users without any sanitization. This is then provided to...

AI score: 4.2 • Exploits: 0 • References: 1

Huntr
•added 2020/07/28 12:0 a.m.•20 views

Cross-site Scripting (XSS) - Generic in dolibarr/dolibarr

Overview dolibarr is a modern and easy to use web software to manage your business. This package is vulnerable to Cross-site Scripting (XSS). The module renders user-uploaded html files in the browser when the attachment parameter is removed from the direct download URL...

CVSS: 3.5 • AI score: 2.4 • EPSS: 0.00928 • Exploits: 1 • References: 2

Huntr
•added 2020/07/26 12:0 a.m.•17 views

Code Injection in swooningfish/ffmpeg-web-gui

Description The ffmpeg-web-gui project is a simple video converter written in PHP which uses the ffmpeg command to convert videos in HTML formats. The issue arises at the following line: https://github.com/swooningfish/ffmpeg-web-gui/blob/master/upload-and-convert.php#L176. The arbitrary command...

AI score: 0.1 • Exploits: 0

Huntr
•added 2020/07/20 12:0 a.m.•14 views

Command Injection in 1000ch/install-package

Overview install-package is a package that installs node modules from JavaScript. This package is vulnerable to Command Injection, the argument options can be controlled by users without any sanitization giving attackers the ability to execute malicious code. POC var root =...

AI score: 4.9 • Exploits: 0 • References: 1

Huntr
•added 2020/06/24 12:0 a.m.•19 views

Denial of Service in nescalante/urlregex

Overview urlregex: No-dependency URL validation for Node and the browser. This package is vulnerable to Regular Expression Denial of Service (ReDoS). An attacker providing a long string in String.test can cause a Denial of Service attack. PoC node const urlRegex = require"urlregex"; const isValid =...

AI score: 2.1 • Exploits: 0 • References: 1

Huntr
•added 2020/06/24 12:0 a.m.•25 views

Denial of Service in gajus/url-regexp

Overview RegExp object to match and validate URLs. Affected versions of this package are vulnerable to Regular Expression Denial of Service (ReDoS). An attacker providing a long URL to validate or replace function will cause a Denial of Service attack. PoC node var regex = require"url-regexp";...

AI score: 3.4 • Exploits: 0 • References: 1

Huntr
•added 2020/06/16 12:0 a.m.•12 views

Code Injection in eugeneware/windows-edge

Overview windows-edge allows you to launch a new Microsoft Edge tab on Windows. The issue occurs because a user input is formatted inside a command that will be executed without any check...

AI score: 4.6 • Exploits: 0 • References: 1

Huntr
•added 2020/06/16 12:0 a.m.•15 views

Code Injection in strider-cd/strider-git

Overview strider-git allows strider to use any git repository for a project. The issue occurs because a user input is formatted inside a command that will be executed without any check...

AI score: 4.9 • Exploits: 0 • References: 1

Huntr
•added 2020/06/01 12:0 a.m.•32 views

Denial of Service in manolo/gwtupload

Overview com.googlecode.gwtupload:gwtupload is a library for uploading files to web servers, showing a progress bar with real information about the process (file size, bytes transferred, etc.). Affected versions of this package are vulnerable to Denial of Service (DoS). server/UploadServlet.java the...

CVSS: 5 • AI score: 1.9 • EPSS: 0.01614 • Exploits: 1 • References: 2

Huntr
•added 2020/05/27 12:0 a.m.•21 views

in conradirwin/em-imap

Overview em-imap is a gem that allows you to connect to an IMAP4rev1 server in a non-blocking fashion. Affected versions of this package are vulnerable to Man-in-the-Middle (MitM). The hostname in a TLS server certificate is not verified. An attacker can acquire the identity of a trusted server and...

CVSS: 5.8 • AI score: 5.7 • EPSS: 0.00751 • Exploits: 1 • References: 1

Total number of security vulnerabilities: 4072