KLA91060 Multiple vulnerabilities in Mozilla Firefox

Multiple vulnerabilities were found in Mozilla Firefox. Malicious users can exploit these vulnerabilities to bypass security restrictions, cause denial of service, execute arbitrary code, obtain sensitive information, spoof user interface. Below is a complete list of vulnerabilities: 1. Security...

CVE-2024-45240

The TikTok aka com.zhiliaoapp.musically application before 34.5.5 for Android allows the takeover of Lynxview JavaScript interfaces via deeplink traversal in the application's exposed WebView. On Android 12 and later, this is only exploitable by third-party applications...

Huawei Smartphone 缓冲区错误漏洞

Huawei Emui is an Android-based mobile operating system. Huawei Magic UI is the operating system for Honor phones. Huawei EMUI/Magic UI has a stack overflow vulnerability that can be exploited by attackers to cause a system reset...

骑士CMS某接口1处SQL盲注#1(官网demo测试)

简要描述： 骑士CMS某接口1处SQL盲注官网demo测试 详细说明： 手机客户端接口存在SQL注入，SELECT注入无关键字过滤,理论上可以获取任意数据。 ： http://demo.74cms.com/android/resume.php 代码： 15 if !empty$aset'displayorder' 16 17 $arr=explode'',$aset'displayorder'; 18 $arr1=pregmatch'/asc|desc/',$arr1?$arr1:"desc"; 19 if $arr0=="rtime" 20 21 $orderbysql=" ORDER...