CVE-2023-2726

Inappropriate implementation in WebApp Installs in Google Chrome prior to 113.0.5672.126 allowed an attacker who convinced a user to install a malicious web app to bypass install dialog via a crafted HTML page. Chromium security severity: Medium...

CVE-2023-2726

CVE-2023-2726 affects Google Chrome/Chromium prior to 113.0.5672.126, where an attacker could bypass the install dialog by convincing a user to install a malicious web app via a crafted HTML page. This is described as an Inappropriate implementation in WebApp Installs, with Chromium security seve...

CVE-2023-2726

Inappropriate implementation in WebApp Installs in Google Chrome prior to 113.0.5672.126 allowed an attacker who convinced a user to install a malicious web app to bypass install dialog via a crafted HTML page. Chromium security severity: Medium...

Google Chrome < 113.0.5672.126 Multiple Vulnerabilities

The version of Google Chrome installed on the remote Windows host is prior to 113.0.5672.126. It is, therefore, affected by multiple vulnerabilities as referenced in the 202305stable-channel-update-for-desktop16 advisory. - Inappropriate implementation in WebApp Installs in Google Chrome prior to...

Google Chrome < 113.0.5672.126 Multiple Vulnerabilities

The version of Google Chrome installed on the remote macOS host is prior to 113.0.5672.126. It is, therefore, affected by multiple vulnerabilities as referenced in the 202305stable-channel-update-for-desktop16 advisory. - Inappropriate implementation in WebApp Installs in Google Chrome prior to...

chromium -- multiple vulnerabilities

Chrome Releases reports: This update includes 12 security fixes: 1444360 Critical CVE-2023-2721: Use after free in Navigation. Reported by Guang Gong of Alpha Lab, Qihoo 360 on 2023-05-10 1400905 High CVE-2023-2722: Use after free in Autofill UI. Reported by Rong Jian of VRI on 2022-12-14 1435166...

Textpattern 4.8.8 - Remote Code Execution (Authenticated) Vulnerability

Exploit Title: Textpattern 4.8.8 - Remote Code Execution RCE Authenticated Exploit Author: Alperen Ergel Contact: @alpernae IG/TW Software Homepage: https://textpattern.com/ Version : 4.8.8 Tested on: windows 11 xammp | Kali linux Category: WebApp Google Dork: intext:"Published with Textpattern...

Textpattern 4.8.8 Remote Code Execution

Exploit Title: Textpattern 4.8.8 - Remote Code Execution RCE Authenticated Exploit Author: Alperen Ergel Contact: @alpernae IG/TW Software Homepage: https://textpattern.com/ Version : 4.8.8 Tested on: windows 11 xammp | Kali linux Category: WebApp Google Dork: intext:"Published with Textpattern...

Bludit 3-14-1 Plugin (UploadPlugin) - Remote Code Execution (Authenticated) Vulnerability

Exploit Title: Bludit 3-14-1 Plugin 'UploadPlugin' - Remote Code Execution RCE Authenticated Exploit Author: Alperen Ergel Contact: @alpernae IG/TW Software Homepage: https://www.bludit.com/ Version : 3-14-1 Tested on: windows 11 wampserver | Kali linux Category: WebApp Google Dork: intext:'2022...

Textpattern 4.8.8 - Remote Code Execution (RCE) (Authenticated)

Exploit Title: Textpattern 4.8.8 - Remote Code Execution RCE Authenticated Exploit Author: Alperen Ergel Contact: @alpernae IG/TW Software Homepage: https://textpattern.com/ Version : 4.8.8 Tested on: windows 11 xammp | Kali linux Category: WebApp Google Dork: intext:"Published with Textpattern...

Bludit 3-14-1 Plugin &#039;UploadPlugin&#039; - Remote Code Execution (RCE) (Authenticated)

Exploit Title: Bludit 3-14-1 Plugin 'UploadPlugin' - Remote Code Execution RCE Authenticated Exploit Author: Alperen Ergel Contact: @alpernae IG/TW Software Homepage: https://www.bludit.com/ Version : 3-14-1 Tested on: windows 11 wampserver | Kali linux Category: WebApp Google Dork: intext:'2022...

Yoga Class Registration System v1.0 - Multiple SQLi

Exploit Title: Yoga Class Registration System v1.0 - Multiple SQLi Date: 19/03/2023 Exploit Author: Abdulhakim Öner Vendor Homepage: https://www.sourcecodester.com Software Link: https://www.sourcecodester.com/php/16097/yoga-class-registration-system-php-and-mysql-free-source-code.html Software...

The vulnerability of the WebApp components of Google Chrome and Microsoft Edge allows attackers to carry out spoofing attacks.

The vulnerability of the WebApp components of Google Chrome and Microsoft Edge is related to the improper implementation of security checks for standard elements during the loading process. Exploiting this vulnerability allows a malicious actor to carry out spear-phishing attacks using a speciall...

Chromium: CVE-2023-1230 Inappropriate implementation in WebApp Installs

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

NETGEAR WNR2000 RCE (PSV-2016-0261)

NETGEAR WNR2000v3 devices before 1.1.2.14, WNR2000v4 devices before 1.0.0.66, and WNR2000v5 devices before 1.0.0.42 allow authentication bypass and remote code execution via a buffer overflow that uses a parameter in the administration webapp. This vulnerability can only be exploited when an...

SUSE CVE-2023-1230

Inappropriate implementation in WebApp Installs in Google Chrome on Android prior to 111.0.5563.64 allowed an attacker who convinced a user to install a malicious WebApp to spoof the contents of the PWA installer via a crafted HTML page. Chromium security severity: Medium...

Google Chrome Security Updates (stable-channel-update-for-desktop-2023-03) - Linux

Google Chrome is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:google:chrome"; ifdescription...

chromium -- multiple vulnerabilities

Chrome Releases reports: This update includes 40 security fixes: 1411210 High CVE-2023-1213: Use after free in Swiftshader. Reported by Jaehun Jeong@n3sk of Theori on 2023-01-30 1412487 High CVE-2023-1214: Type Confusion in V8. Reported by Man Yue Mo of GitHub Security Lab on 2023-02-03 1417176...

CVE-2023-1230

Inappropriate implementation in WebApp Installs in Google Chrome on Android prior to 111.0.5563.64 allowed an attacker who convinced a user to install a malicious WebApp to spoof the contents of the PWA installer via a crafted HTML page. Chromium security severity: Medium...

DEBIAN-CVE-2023-1230

Inappropriate implementation in WebApp Installs in Google Chrome on Android prior to 111.0.5563.64 allowed an attacker who convinced a user to install a malicious WebApp to spoof the contents of the PWA installer via a crafted HTML page. Chromium security severity: Medium...