Command injection vulnerability was identified in NPM package rising version 1.0.2
Resources:
- Project's NPM Package: https://www.npmjs.com/package/rising
- Project's NPM JS registery: https://registry.npmjs.org/rising
Splint3r7
/ rising-1.0.2-command-injection.md
Last active
November 11, 2023 14:16
Command Injection Vulnerability in Rising 1.0.2
Splint3r7
/ domain_All-Live-Datadog-Sites.csv
Created
December 25, 2023 18:19
— forked from JorgeFraga/domain_All-Live-Datadog-Sites.csv
We can make this file beautiful and searchable if this error is corrected: No commas found in this CSV file in line 0.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| domain | |
| 123rf.com | |
| 1stdibs.com | |
| 2u.com | |
| ba.com | |
| babylist.com | |
| bananatag.com | |
| baylor.edu | |
| bbcgoodfood.com | |
| bcm.edu |
Splint3r7
/ nodejs-security-vulnerability-grep.sh
Created
October 5, 2024 09:06
— forked from nstarke/nodejs-security-vulnerability-grep.sh
Node.js Security Vulnerability Grep
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # this command will return instances where the child_process module is loaded. | |
| # that module is generally a good signal that the application is shelling out | |
| egrep -r --exclude-dir "node_modules" --include "*.js" --exclude "*.min.*" -e "require(\s*)\((\s*)'child_process'(\s*))" . | |
| # this command will return instances where code is dynamically executed. | |
| egrep -r --exclude-dir "node_modules" --include "*.js" --exclude "*.min.*" -e "eval(\s*)\(" . | |
| # this command will check common dangerous functions and report when strings are arguments | |
| egrep -r --exclude-dir "node_modules" --include "*.js" --exclude "*.min.*" -e "(setInterval|setTimeout|new(\s*)Function)(\s*)\((\s*)\".*\"" . |
OlderNewer