CVE-2026-24490

MobSF is a mobile application security testing tool used. Prior to version 4.4.5, a Stored Cross-site Scripting XSS vulnerability in MobSF's Android manifest analysis allows an attacker to execute arbitrary JavaScript in the context of a victim's browser session by uploading a malicious APK. The...

CVE-2026-24490

MobSF is a mobile application security testing tool used. Prior to version 4.4.5, a Stored Cross-site Scripting XSS vulnerability in MobSF's Android manifest analysis allows an attacker to execute arbitrary JavaScript in the context of a victim's browser session by uploading a malicious APK. The...

Awesome-Mobile-Security Cross-Site Script Vulnerabilities

Awesome-Mobile-Security is an application software. It strives to provide a collection of useful security-related apps for Android and iOS. Versions of Awesome-Mobile-Security prior to 4.4.5 had a cross-site scripting vulnerability. This vulnerability stemmed from the storage-based cross-site...

Cross-site Scripting (XSS)

Overview mobsf is a Mobile Security Framework MobSF is an automated, all-in-one mobile application Android/iOS/Windows pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis. Affected versions of this package are vulnerable to Cross-site...

PT-2026-4843

Name of the Vulnerable Software and Affected Versions MobSF versions prior to 4.4.5 Description MobSF, a mobile application security testing tool, contains a Stored Cross-site Scripting XSS vulnerability in its Android manifest analysis feature. This flaw allows an attacker to execute arbitrary...

CVE-2025-14517

CVE-2025-14517 affects Yalantis uCrop 2.2.11 and concerns the UCropActivity component defined in AndroidManifest.xml. The vulnerability arises from an improper export of Android application components, which could allow manipulation to lead to exposure of components outside the intended scope. Ex...

uCrop 安全漏洞

uCrop is an Android image cropping library open source by Yalantis. A security vulnerability exists in uCrop version 2.2.11, which originates from improper export of the function UCropActivity in the file AndroidManifest.xml, which could lead to improper export of Android application components...

EUVD-2018-0457

Malware in sbrugna...

EUVD-2020-0744

Malware in sbrugna...

EUVD-2021-3618

Malicious code in bioql PyPI...

EUVD-2025-28875

Malicious code in bioql PyPI...

EUVD-2025-28812

Malicious code in bioql PyPI...

EUVD-2025-26239

Malicious code in bioql PyPI...

EUVD-2025-26242

Malicious code in bioql PyPI...

EUVD-2025-7145

Malicious code in bioql PyPI...

EUVD-2025-25112

Malicious code in bioql PyPI...

CVE-2025-10722

A vulnerability was detected in SKTLab Mukbee App 1.01.196 on Android. This affects an unknown function of the file AndroidManifest.xml of the component com.dw.android.mukbee. The manipulation results in improper export of android application components. The attack must be initiated from a local...

CVE-2025-10716

A flaw has been found in Creality Cloud App up to 6.1.0 on Android. Affected by this vulnerability is an unknown functionality of the file AndroidManifest.xml of the component com.cxsw.sdprinter. Executing manipulation can lead to improper export of android application components. It is possible ...

CVE-2025-10717

A vulnerability has been found in intsig CamScanner App 6.91.1.5.250711 on Android. Affected by this issue is some unknown functionality of the file AndroidManifest.xml of the component com.intsig.camscanner. The manipulation leads to improper export of android application components. Local acces...

CVE-2025-10715

A security flaw has been discovered in APEUni PTE Exam Practice App up to 10.8.0 on Android. The impacted element is an unknown function of the file AndroidManifest.xml of the component com.apeedication. The manipulation results in improper export of android application components. The attack...