The vulnerability of the Mozilla SeaMonkey software package, which allows a malicious individual to trigger unintended execution of a loaded file

Mozilla SeaMonkey software contains a vulnerability related to an error in file loading, caused by an improper limitation on the time delay for button selections. Exploiting this vulnerability allows malicious actors to remotely replace the interface/cursor and trigger the unintended execution of...

The vulnerability of the Firefox browser allows a malicious actor to trigger the unintended execution of a loaded file.

The Mozilla Firefox browser contains a vulnerability related to an error in file loading, caused by an improper limitation on the time delay for button selections. Exploiting this vulnerability allows malicious actors to remotely replace the interface/cursor and trigger the unintended execution o...

FantasyTote: Stored number of clicks in the Deposits button

Hi, i have found a cache issue that your system store the number of clicks at the Deposits button. You can click the Deposits button more than one time and the amount will by multiplied by the number of clicks . I have attacked the poc . Thanks...

MediaLink MWN-WAPR300N Insecure Session

MediaLink router MWN-WAPR300N - Several Vulnerabilities The vulnerabilities reported here are for the firmware version currently being shipped by Amazon.com. This is hardware version 2.0, firmware version V5.07.51enMDL01 . I have no knowledge of the behavior of previous versions of this router...

I is how to hack Amazon one-click shopping button-bug alert-the black bar safety net

Write in front of words（original author How do babies communicate? He/she when to sleep? When? This looks like a simple problem, but not solved, so I begin to choose some baby tracking application, but the function seems too simple, is not ideal. As the child grows, the function needs to continue...

LOCKON EC-CUBE Social-button Premium Plugin Cross-Site Scripting Vulnerability

LOCKON EC-CUBE is an open source e-commerce website building platform developed by Japan LOCKON Co. A cross-site scripting vulnerability exists in version 1.0 of the Social-button Premium plugin for LOCKON EC-CUBE 2.13.x. The vulnerability can be exploited to inject arbitrary Web script or HTML. ...

CVE-2016-1180

Cross-site scripting XSS vulnerability in the Cyber-Will Social-button Premium plugin before 1.1 for EC-CUBE 2.13.x allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

Cross site scripting

Cross-site scripting XSS vulnerability in the Cyber-Will Social-button Premium plugin before 1.1 for EC-CUBE 2.13.x allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

CVE-2016-1180

The CVE-2016-1180 issue concerns the Cyber-Will EC-CUBE Social-button Premium plugin. A cross-site scripting (XSS) vulnerability exists in the Social-button Premium plugin before version 1.1 for EC-CUBE 2.13.x, allowing remote attackers to inject arbitrary web script or HTML via unspecified vecto...

CVE-2016-1180

Cross-site scripting XSS vulnerability in the Cyber-Will Social-button Premium plugin before 1.1 for EC-CUBE 2.13.x allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

EC-CUBE plugin "Social-button Plugin Premium" and "Social-button Plugin" vulnerable to cross-site scripting

Overview EC-CUBE plugin "Social-button Plugin Premium" and "Social-button Plugin" provided by Cyber-Will Inc. contain a cross-site scripting vulnerability CWE-79. Gen Sato of TRADE WORKS Co.,Ltd. Security Dept. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under...

JVN#78482127: EC-CUBE plugin "Social-button Plugin Premium" and "Social-button Plugin" vulnerable to cross-site scripting

EC-CUBE plugin "Social-button Plugin Premium" and "Social-button Plugin" provided by Cyber-Will Inc. contain a cross-site scripting vulnerability CWE-79. Impact An arbitrary script may be executed on the user's web browser. Solution Update the Software Update to the latest version according to th...

The Fart Button - WebView JavaScript enabled, WebView files access vulnerabilities

HackApp vulnerability scanner discovered that application The Fart Button published at the 'play' market has multiple vulnerabilities...

Instant Button Mundo Canibal 2 - Dynamic Code Loading, External URLs, Unsafe deleting vulnerabilities

HackApp vulnerability scanner discovered that application Instant Button Mundo Canibal 2 published at the 'play' market has multiple vulnerabilities...

Virtual Volume Button - Customized SSL, Dangerous filesystem permissions, WebView code execution vulnerabilities

HackApp vulnerability scanner discovered that application Virtual Volume Button published at the 'play' market has multiple vulnerabilities...

Big Fart Button - Dangerous filesystem permissions, WebView code execution vulnerabilities

HackApp vulnerability scanner discovered that application Big Fart Button published at the 'play' market has multiple vulnerabilities...

Drupal Core Forms Interface Ignores Submit Button Access Restriction Vulnerability

Drupal is a free and open source content management system developed in PHP. An access bypass vulnerability exists in Drupal Core. Allowing input submission, e.g. using JavaScript, of form button elements that the user should not have access to because the buttons are blocked by server-side form...

WordPress Claptastic Clap! Button 1.3 Cross Site Scripting

Product: Claptastic clap! Button Exploit Author: Sachin Wagh Version: 1.3 Home page Link: https://wordpress.org/plugins/claptastic-clap-button/ ============================================================================ Details: The Claptastic clap! Button plugin for WordPress is prone to a...

Claptastic clap! Button <= 1.3 - Authenticated Cross-Site Scripting (XSS)

The claptastic-clap-button WordPress plugin was affected by an Authenticated Cross-Site Scripting XSS security vulnerability...

WordPress Claptastic clap! Button Plugin <= 1.3 - Cross Site Scripting (XSS)

This plugin is prone to a cross site scripting vulnerability, because it fails to sufficiently sanitize user-supplied input. Solution Update the plugin...