OESA-2024-1155 zbar security update

ZBar is an open source software suite for reading bar codes from various sources, such as video streams, image files and raw intensity sensors. It supports many popular symbologies types of bar codes including EAN-13/UPC-A, UPC-E, EAN-8, Code 128, Code 39, Interleaved 2 of 5 and QR Code. Security...

CVE-2024-0953

When a user scans a QR Code with the QR Code Scanner feature, the user is not prompted before being navigated to the page specified in the code. This may surprise the user and potentially direct them to unwanted content. This vulnerability affects Firefox for iOS 129...

Code injection

When a user scans a QR Code with the QR Code Scanner feature, the user is not prompted before being navigated to the page specified in the code. This may surprise the user and potentially direct them to unwanted content...

CVE-2024-0953

When a user scans a QR Code with the QR Code Scanner feature, the user is not prompted before being navigated to the page specified in the code. This may surprise the user and potentially direct them to unwanted content. This vulnerability affects Firefox for iOS 129...

CVE-2024-0953

The CVE-2024-0953 entry corresponds to a vulnerability in Firefox for iOS (affecting versions before 129) where scanning a QR code via the built-in QR Code Scanner navigates to the URL without a user confirmation. Root cause: the scanner does not prompt before navigation, potentially directing us...

CVE-2024-0953

When a user scans a QR Code with the QR Code Scanner feature, the user is not prompted before being navigated to the page specified in the code. This may surprise the user and potentially direct them to unwanted content. This vulnerability affects Firefox for iOS 129...

CVE-2024-0953

When a user scans a QR Code with the QR Code Scanner feature, the user is not prompted before being navigated to the page specified in the code. This may surprise the user and potentially direct them to unwanted content. This vulnerability affects Firefox for iOS 129...

Mozilla Firefox Input Validation Error Vulnerability

Mozilla Firefox is an open source web browser from the Mozilla Foundation in the United States. Mozilla Firefox suffers from an input validation error vulnerability that stems from the fact that QR Code Scanner does not display a user-confirmed URL before opening a website, potentially directing...

CVE-2024-1111

A vulnerability, which was classified as problematic, has been found in SourceCodester QR Code Login System 1.0. Affected by this issue is some unknown functionality of the file add-user.php. The manipulation of the argument qr-code leads to cross site scripting. The attack may be launched...

Cross site scripting

A vulnerability, which was classified as problematic, has been found in SourceCodester QR Code Login System 1.0. Affected by this issue is some unknown functionality of the file add-user.php. The manipulation of the argument qr-code leads to cross site scripting. The attack may be launched...

CVE-2024-1111 SourceCodester QR Code Login System add-user.php cross site scripting

A vulnerability, which was classified as problematic, has been found in SourceCodester QR Code Login System 1.0. Affected by this issue is some unknown functionality of the file add-user.php. The manipulation of the argument qr-code leads to cross site scripting. The attack may be launched...

CVE-2024-1111 SourceCodester QR Code Login System add-user.php cross site scripting

A vulnerability, which was classified as problematic, has been found in SourceCodester QR Code Login System 1.0. Affected by this issue is some unknown functionality of the file add-user.php. The manipulation of the argument qr-code leads to cross site scripting. The attack may be launched...

CVE-2024-1111

The CVE-2024-1111 entry concerns SourceCodester QR Code Login System 1.0, where the issue affects the add-user.php file. The root cause is manipulation of the qr-code argument, enabling cross-site scripting (XSS). The vulnerability can be exploited remotely and impacts unknown functionality in ad...

SourceCodester QR Code Login System 安全漏洞

QR Code Login System is a modern authentication QR code solution for rems individual developers. A security vulnerability exists in the SourceCodester QR Code Login System version 1.0, which stems from the fact that add-user.php contains an unknown function that leads to cross-site scripting via...

QR Code Phishing Soars 587%: Users Falling Victim to Social Engineering Scams

By Deeba Ahmed QR Code Phishing has surged by a staggering 587%, with scammers exploiting it to steal login credentials and deploy malware. This is a post from HackRead.com Read the original post: QR Code Phishing Soars 587%: Users Falling Victim to Social Engineering Scams...

[SECURITY] Fedora 39 Update: zbar-0.23.93-1.fc39

ZBar Bar Code Reader is an open source software suite for reading bar codes from various sources, such as video streams, image files and raw intensity sensors. It supports EAN-13/UPC-A, UPC-E, EAN-8, Code 128, Code 93, Code 39, Codabar, Interleaved 2 of 5, QR Code and SQ Code...

[SECURITY] Fedora 38 Update: zbar-0.23.93-1.fc38

ZBar Bar Code Reader is an open source software suite for reading bar codes from various sources, such as video streams, image files and raw intensity sensors. It supports EAN-13/UPC-A, UPC-E, EAN-8, Code 128, Code 93, Code 39, Codabar, Interleaved 2 of 5, QR Code and SQ Code...

CVE-2021-24559

The Qyrr WordPress plugin before 0.7 does not escape the data-uri of the QR Code when outputting it in a src attribute, allowing for Cross-Site Scripting attacks. Furthermore, the datauritometa AJAX action, available to all authenticated users, only had a CSRF check in place, with the nonce...

CVE-2021-24559

The Qyrr WordPress plugin before 0.7 does not escape the data-uri of the QR Code when outputting it in a src attribute, allowing for Cross-Site Scripting attacks. Furthermore, the datauritometa AJAX action, available to all authenticated users, only had a CSRF check in place, with the nonce...

Cross site scripting

The Qyrr WordPress plugin before 0.7 does not escape the data-uri of the QR Code when outputting it in a src attribute, allowing for Cross-Site Scripting attacks. Furthermore, the datauritometa AJAX action, available to all authenticated users, only had a CSRF check in place, with the nonce...