CVE-2025-0546 XSS in Mevzuattr Software's MevzuatTR

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting', Improper Restriction of Rendered UI Layers or Frames vulnerability in Mevzuattr Software MevzuatTR allows Phishing, iFrame Overlay, Clickjacking, Forceful Browsing. This issue needs high privileges. This...

CVE-2025-0546

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting', Improper Restriction of Rendered UI Layers or Frames vulnerability in Mevzuattr Software MevzuatTR allows Phishing, iFrame Overlay, Clickjacking, Forceful Browsing. This issue needs high privileges. This...

CVE-2025-57117

A Clickjacking vulnerability exists in Rems' Employee Management System 1.0. This flaw allows remote attackers to execute arbitrary JavaScript on the department.php page by injecting a malicious payload into the Department Name field under Add Department...

PT-2025-38142

Name of the Vulnerable Software and Affected Versions: MevzuatTR versions prior to 12.02.2025 Description: The software contains an Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' and Improper Restriction of Rendered UI Layers or Frames issue. This allows for...

CVE-2025-57117

A Clickjacking vulnerability exists in Rems' Employee Management System 1.0. This flaw allows remote attackers to execute arbitrary JavaScript on the department.php page by injecting a malicious payload into the Department Name field under Add Department...

CVE-2025-57117

A Clickjacking vulnerability exists in Rems' Employee Management System 1.0. This flaw allows remote attackers to execute arbitrary JavaScript on the department.php page by injecting a malicious payload into the Department Name field under Add Department...

CVE-2025-57117

A Clickjacking vulnerability exists in Rems' Employee Management System 1.0. This flaw allows remote attackers to execute arbitrary JavaScript on the department.php page by injecting a malicious payload into the Department Name field under Add Department...

PT-2025-37768

Name of the Vulnerable Software and Affected Versions Rems' Employee Management System version 1.0 Description A Clickjacking issue exists that allows remote attackers to execute arbitrary JavaScript. The issue is present on the 'department.php' page and involves injecting a malicious payload int...

CVE-2025-57117

An analysis of CVE-2025-57117, with multiple connected sources, confirms a Clickjacking vulnerability in Rems’ Employee Management System v1.0. The issue resides in the department.php page where an attacker can inject a malicious payload via the Department Name field under Add Department to execu...

CVE-2025-57117

A Clickjacking vulnerability exists in Rems' Employee Management System 1.0. This flaw allows remote attackers to execute arbitrary JavaScript on the department.php page by injecting a malicious payload into the Department Name field under Add Department...

Rems Employee Management System 安全漏洞

Rems Employee Management System is an employee management system from Rems, Inc. A security vulnerability exists in Rems Employee Management System version 1.0, which originates from the injection of a malicious payload into the department name field and could lead to a clickjacking attack...

Google Android elevation of privilege vulnerability (CNVD-2025-23040)

Google Android is a Linux-based open source operating system from Google. Google Android suffers from an elevation of privilege vulnerability caused by a clickjacking/overwriting attack in the maybeShowDialog function in ControlsSettingsDialogManager.kt that results in ControlsSettingsTialog...

Awesome-Bugbounty-Writeups

This is a curated list of bug bounty writeups, specifically focusing on various types of web application vulnerabilities. The repository is organized by vulnerability type, with sections for Cross-Site Scripting XSS, Cross-Site Request Forgery CSRF, Clickjacking, Local File Inclusion LFI, Subdoma...

CVE-2024-13066

Improper Restriction of Rendered UI Layers or Frames vulnerability in Akinsoft LimonDesk allows iFrame Overlay, CAPEC - 103 - Clickjacking.This issue affects LimonDesk: from s1.02.14 before v1.02.17...

Google Android elevation of privilege vulnerability (CNVD-2026-00037)

Google Android is a Linux-based open source operating system from Google. Google Android suffers from an elevation of privilege vulnerability due to a clickjacking/overwriting attack in finishTransition of Transition.java. An attacker can exploit this vulnerability to gain elevated privileges on...

Google Android 安全漏洞

Google Android is a Linux-based open source operating system from Google. Google Android suffers from an elevation of privilege vulnerability caused by a clickjacking/overwriting attack in the maybeShowDialog function in ControlsSettingsDialogManager.kt that results in ControlsSettingsTialog...

CVE-2024-13066

Improper Restriction of Rendered UI Layers or Frames vulnerability in Akinsoft LimonDesk allows iFrame Overlay, CAPEC - 103 - Clickjacking. This issue affects LimonDesk: from s1.02.14 before v1.02.17...

CVE-2024-13066 iFrame Injection in Akinsoft's LimonDesk

Improper Restriction of Rendered UI Layers or Frames vulnerability in Akinsoft LimonDesk allows iFrame Overlay, CAPEC - 103 - Clickjacking. This issue affects LimonDesk: from s1.02.14 before v1.02.17...

CVE-2024-13066

CVE-2024-13066 describes an improper restriction of rendered UI layers or frames in Akinsoft LimonDesk (affected: s1.02.14 up to

CVE-2024-13066

Improper Restriction of Rendered UI Layers or Frames vulnerability in Akinsoft LimonDesk allows iFrame Overlay, CAPEC - 103 - Clickjacking. This issue affects LimonDesk: from s1.02.14 before v1.02.17...