3797 matches found
Design/Logic Flaw
There is a clickjacking vulnerability in the Huawei HG255s product. An attacker may trick a user into clicking a link and affect the integrity of a device by exploiting this vulnerability...
CVE-2019-5243
There is a clickjacking vulnerability in the Huawei HG255s product. An attacker may trick a user into clicking a link and affect the integrity of a device by exploiting this vulnerability...
CVE-2019-5243
CVE-2019-5243 relates to a clickjacking vulnerability in the Huawei HG255s wireless router. The vulnerability allows an attacker to coerce a user into clicking a hidden or obscured element, potentially compromising the device’s integrity. The initial description and connected documents consistently r...
Security Bulletin: IBM Security Information Queue web application is vulnerable to clickjacking attack
Summary: The IBM Security Information Queue (ISIQ) web application is vulnerable to a clickjacking attack in which an untrusted page could get embedded into another frame or object. As of v1.0.3, the ISIQ web server disallows browsers from embedding content. Vulnerability Details: CVEID: CVE-2019-421...
X (Formerly Twitter): Twitter Periscope Clickjacking Vulnerability
Hello, Summary: X-Frame-Options ALLOW-FROM https://twitter.com/ is not supported by several browsers; this caused clickjacking on the Twitter Periscope subdomains https://canary-web.pscp.tv & https://canary-web.periscope.tv Steps To Reproduce: 1. Create a new HTML file 2. Put 3. Save the file 4. Open...
Cuvva: Clickjacking in ops.cuvva.com
Hi, Description: Clickjacking User Interface redress attack, UI redress attack, UI redressing is a malicious technique of tricking a Web user into clicking on something different from what the user perceives they are clicking on, thus potentially revealing confidential information or taking contr...
Security Bulletin: Rational Functional Tester Java API Documentation Frame Injection Vulnerability (CVE-2013-1571)
Summary: Java API Documentation contains a frame injection vulnerability. Vulnerability Details: CVEID: CVE-2013-1571...
Bashter - Web Crawler, Scanner, And Analyzer Framework
Bashter is a tool for scanning web-based applications. Bashter is well suited to bug bounty work or penetration testing. It is designed like a framework, so you can easily add a script to detect a vulnerability. For example, you can add a script like this:...
Denial Of Service
Red Hat JBoss Enterprise Application Platform 6 is a platform for Java applications based on JBoss Application Server 7. It was discovered that sending requests containing large headers to the Web Console produced a Java OutOfMemoryError in the HTTP management interface. An attacker could use thi...
Cross-site Request Forgery (CSRF)
Red Hat JBoss Enterprise Application Platform 6 is a platform for Java applications based on JBoss Application Server 7. It was discovered that sending requests containing large headers to the Web Console produced a Java OutOfMemoryError in the HTTP management interface. An attacker could use thi...
Cross-site Request Forgery (CSRF)
Samba is an open-source implementation of the Server Message Block (SMB) or Common Internet File System (CIFS) protocol, which allows PC-compatible machines to share files, printers, and other information. It was discovered that the Samba Web Administration Tool (SWAT) did not protect against being...
Session Takeover
Jenkins is vulnerable to session takeover. The vulnerability exists because clickjacking attacks were possible...
Cross Site Scripting (XSS)
Mozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. CVE-2012-1948,...
Cross Site Scripting (XSS)
Mozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. CVE-2012-1948,...
Arbitrary Code Execution
Mozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. CVE-2012-1948,...
Man-in-the-middle
Mozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. CVE-2012-1948,...
Information Disclosure
Mozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. CVE-2012-1948,...
Clickjacking Attack
Mozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. CVE-2012-1948,...
Privilege Escalation
Mozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. CVE-2012-1948,...
Denial Of Service (DoS)
Mozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. CVE-2012-1948,...