CVE-2019-17003

Scanning a QR code that contained a javascript: URL would have resulted in the Javascript being executed...

Mozilla Firefox 跨站脚本漏洞

Mozilla Firefox is an open source web browser from the Mozilla Foundation. A security vulnerability exists in Mozilla Firefox, which originates from a Javascript execution when scanning a QR code containing a javascript: URL...

CVE-2019-17003

CVE-2019-17003 describes that scanning a QR code containing a javascript: URL could cause JavaScript to be executed. Connected sources consistently reference this behavior and assign a CVSS v3.1 base score of 6.1 (MEDIUM) with NETWORK attack vector, UI: REQUIRED, and impact on Confidentiality/Int...

CVE-2019-17003

Scanning a QR code that contained a javascript: URL would have resulted in the Javascript being executed...

SUSE CVE-2022-1127

Use after free in QR Code Generator in Google Chrome prior to 100.0.4896.60 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via user interaction...

QR Code Scam

An enterprising individual made fake parking tickets with a QR code for easy payment...

CVE-2022-22749

When scanning QR codes, Firefox for Android would have allowed navigation to some URLs that do not point to web content.This bug only affects Firefox for Android. Other operating systems are unaffected.. This vulnerability affects Firefox 96...

CVE-2022-22749

When scanning QR codes, Firefox for Android would have allowed navigation to some URLs that do not point to web content.This bug only affects Firefox for Android. Other operating systems are unaffected.. This vulnerability affects Firefox 96...

CVE-2022-22749

When scanning QR codes, Firefox for Android would have allowed navigation to some URLs that do not point to web content.This bug only affects Firefox for Android. Other operating systems are unaffected.. This vulnerability affects Firefox 96...

CVE-2022-22749

When scanning QR codes, Firefox for Android would have allowed navigation to some URLs that do not point to web content.This bug only affects Firefox for Android. Other operating systems are unaffected.. This vulnerability affects Firefox 96...

WordPress Showing URL in QR Code plugin cross-site scripting vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

Event Registration System 跨站脚本漏洞

Event Registration System is a QR code-based event registration system by Carlo Montero, a personal developer. A security vulnerability exists in Event Registration System version 1.0. An attacker can exploit this vulnerability to conduct cross-site scripting attacks...

CVE-2022-3847

The Showing URL in QR Code WordPress plugin through 0.0.1 does not have CSRF check when updating its settings, and is missing sanitisation as well as escaping, which could allow attackers to make logged in admin or editor add Stored XSS payloads via a CSRF attack...

CVE-2022-3847 Showing URL in QR Code <= 0.0.1 - Stored XSS via CSRF

The Showing URL in QR Code WordPress plugin through 0.0.1 does not have CSRF check when updating its settings, and is missing sanitisation as well as escaping, which could allow attackers to make logged in admin or editor add Stored XSS payloads via a CSRF attack...

WordPress plugin Showing URL in QR Code 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

PT-2022-24420 · WordPress · Showing Url In Qr Code Wordpress Plugin

Name of the Vulnerable Software and Affected Versions: The Showing URL in QR Code WordPress plugin version 0.0.1 Description: The issue is related to the lack of CSRF check when updating settings and missing sanitization as well as escaping in the plugin. This could allow attackers to make...

Showing URL in QR Code <= 0.0.1 - Stored XSS via CSRF

The plugin does not have CSRF check when updating its settings, and is missing sanitisation as well as escaping, which could allow attackers to make logged in admin or editor add Stored XSS payloads via a CSRF attack Make a logged in editor or admin open a page with the below payload...

Library Management System SQL注入漏洞

Library Management System is a library management system with QR code for attendance and automatic generation of library card by King Albaracin Personal Developer. A security vulnerability exists in Senayan Library Management System version v9.4.2, which was discovered to contain an SQL injection...

Apple puts the password on life support with passkey

The "passwordless future" is something many internet users--and a great majority of the cybersecurity industry--have hoped for. Now Apple is about to make those hopes a reality. With the release of iOS 16 yesterday, and macOS Ventura next month, Apple fans will be able to use passkeys, its passwo...

Library Management System SQL注入漏洞

Library Management System is a library management system with QR code attendance and automatic library card generation by King Albaracin Personal Developer. A security vulnerability exists in the idno parameter of the /card/in-card.php file in version 1.0 of the Library Management System, which c...