MINI-9292-CVPH-FH52

Bulletin has no description...

CVE-2025-9292

creationtimestamp| type| source ---|---|--- 2026-04-01 23:26:42+00:00| seen| Telegram/jbWMrWY3kup1vLwq2L3T9QUurzdP-pS58MJjOuG7oT4-o...

CVE-2019-9292

In the Activity Manager service, there is a possible information disclosure due to a confused deputy. This could lead to local disclosure of current foreground process with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions:...

CVE-2015-9292

6kbbs 7.1 and 8.0 allows CSRF via portalchannelajax.php id or code parameter or admin.php fileids parameter...

CVE-2024-9292

creationtimestamp| type| source ---|---|--- 2024-10-08 08:41:26+00:00| seen| https://t.me/cvedetector/7317...

CVE-2024-9292 Bridge Core <= 3.2.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode

The Bridge Core plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'formforall' shortcode in versions up to, and including, 3.2.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with...

CVE-2020-9292

An unquoted service path vulnerability in the FortiSIEM Windows Agent component may allow an attacker to gain elevated privileges via the AoWinAgt executable service path...

CVE-2020-9292

CVE-2020-9292 is an unquoted service path vulnerability in the FortiSIEM Windows Agent component (AoWinAgt service path) that may allow privilege elevation. Connected documents confirm the affected product (Fortinet FortiSIEM Windows Agent) and the root cause (unquoted service path) with potentia...

CVE-2019-9292

CVE-2019-9292 affects Android 10’s Activity Manager service, enabling information disclosure via a confused deputy. It could allow local disclosure of the current foreground process without extra privileges, with no user interaction required. Mitigation is to run a device with Android 10 patch le...

CVE-2015-9292

creationtimestamp| type| source ---|---|--- 2019-08-09 00:43:14+00:00| seen| https://t.me/cibsecurity/6016 2019-08-15 18:33:12+00:00| seen| https://t.me/cibsecurity/6165...

CVE-2015-9292

6kbbs 7.1 and 8.0 allows CSRF via portalchannelajax.php id or code parameter or admin.php fileids parameter...

CVE-2015-9292

CVE-2015-9292 affects 6kbbs versions 7.1 and 8.0, where a CSRF vulnerability exists in the web interfaces. The flaw allows cross-site requests to be forged via portalchannel_ajax.php (parameters id or code) or admin.php (parameter fileids). The description does not specify affected platforms beyo...

Lansweeper 6.0.0.63 Cross Site Scripting Vulnerability

Exploit for asp platform in category web applications ============================================= - Discovered by: Giovanni Cerrato, Giovanni Guido and BackBox team - Severity: Medium ============================================= I. VULNERABILITY ------------------------- Lansweeper XSS...

Lansweeper 6.0.0.63 Cross Site Scripting

============================================= - Release date: October 05th, 2017 - Discovered by: Giovanni Cerrato, Giovanni Guido and BackBox team - Severity: Medium ============================================= I. VULNERABILITY ------------------------- Lansweeper XSS vulnerability. II...

CVE-2017-9292

Lansweeper before 6.0.0.65 has XSS in an image retrieval URI, aka Bug 542782...

CVE-2017-9292

Lansweeper before 6.0.0.65 contains a Cross‑Site Scripting (XSS) in the image retrieval URI (Bug 542782). Versions such as 6.0.0.63 and earlier are affected; exploitation involves an attacker crafting a request that, when issued by another user, causes attacker-provided JavaScript to run in that ...

9292 - Customized SSL, Dangerous filesystem permissions, WebView code execution vulnerabilities

HackApp vulnerability scanner discovered that application 9292 published at the 'play' market has multiple vulnerabilities...

CVE-2014-9292

CVE-2014-9292 describes a server-side request forgery (SSRF) in the WordPress plugin Jrss Widget (proxy.php) up to version 1.2. The vulnerability allows unauthenticated remote actors to cause outbound requests and enumerate open ports via the url parameter. Affected product: WordPress/JRSS Widget...