3796 matches found

ATTACKERKB
added 2025/09/17 11:42 a.m. | 3 views

CVE-2025-0546

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting', Improper Restriction of Rendered UI Layers or Frames vulnerability in Mevzuattr Software MevzuatTR allows Phishing, iFrame Overlay, Clickjacking, Forceful Browsing. This issue needs high privileges. This...

4.7 CVSS | 5.4 AI score | 0.00233 EPSS
Exploits 0 | References 3
CVE
added 2025/09/17 11:42 a.m. | 10 views

CVE-2025-0546

The CVE-2025-0546 issue affects MevzuatTR (Mevzuattr Software) prior to version 12.02.2025. The vulnerability is caused by improper neutralization of input during web page generation (XSS) and improper restriction of rendered UI layers/frames, enabling phishing, iFrame overlays, clickjacking, and...

4.7 CVSS | 5.4 AI score | 0.00233 EPSS
Exploits 0 | References 2
RedhatCVE
added 2025/09/17 12:49 a.m. | 9 views

CVE-2025-57117

A Clickjacking vulnerability exists in Rems' Employee Management System 1.0. This flaw allows remote attackers to execute arbitrary JavaScript on the department.php page by injecting a malicious payload into the Department Name field under Add Department...

5.4 CVSS | 7.3 AI score | 0.00411 EPSS
Exploits 1 | References 1
Positive Technologies
added 2025/09/17 12:0 a.m. | 3 views

PT-2025-38142

Name of the Vulnerable Software and Affected Versions: MevzuatTR versions prior to 12.02.2025 Description: The software contains an Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' and Improper Restriction of Rendered UI Layers or Frames issue. This allows for...

4.7 CVSS | 6.1 AI score | 0.00233 EPSS
Exploits 0 | References 6
OSV
added 2025/09/15 10:15 p.m. | 3 views

CVE-2025-57117

A Clickjacking vulnerability exists in Rems' Employee Management System 1.0. This flaw allows remote attackers to execute arbitrary JavaScript on the department.php page by injecting a malicious payload into the Department Name field under Add Department...

5.4 CVSS | 6.1 AI score | 0.00411 EPSS
Exploits 1 | References 3
NVD
added 2025/09/15 10:15 p.m. | 3 views

CVE-2025-57117

A Clickjacking vulnerability exists in Rems' Employee Management System 1.0. This flaw allows remote attackers to execute arbitrary JavaScript on the department.php page by injecting a malicious payload into the Department Name field under Add Department...

5.4 CVSS | 0.00411 EPSS
Exploits 1 | References 3
Cvelist
added 2025/09/15 12:0 a.m. | 7 views

CVE-2025-57117

A Clickjacking vulnerability exists in Rems' Employee Management System 1.0. This flaw allows remote attackers to execute arbitrary JavaScript on the department.php page by injecting a malicious payload into the Department Name field under Add Department...

0.00411 EPSS
Exploits 1 | References 3
Positive Technologies
added 2025/09/15 12:0 a.m. | 5 views

PT-2025-37768

Name of the Vulnerable Software and Affected Versions Rems' Employee Management System version 1.0 Description A Clickjacking issue exists that allows remote attackers to execute arbitrary JavaScript. The issue is present on the 'department.php' page and involves injecting a malicious payload int...

5.4 CVSS | 7.4 AI score | 0.00411 EPSS
Exploits 1 | References 5
CVE
added 2025/09/15 12:0 a.m. | 14 views

CVE-2025-57117

An analysis of CVE-2025-57117, with multiple connected sources, confirms a Clickjacking vulnerability in Rems’ Employee Management System v1.0. The issue resides in the department.php page where an attacker can inject a malicious payload via the Department Name field under Add Department to execu...

5.4 CVSS | 6.9 AI score | 0.00411 EPSS
Exploits 1 | References 3 | Affected Software 1
Vulnrichment
added 2025/09/15 12:0 a.m. | 4 views

CVE-2025-57117

A Clickjacking vulnerability exists in Rems' Employee Management System 1.0. This flaw allows remote attackers to execute arbitrary JavaScript on the department.php page by injecting a malicious payload into the Department Name field under Add Department...

6.9 AI score | 0.00411 EPSS
Exploits 1 | References 3
CNNVD
added 2025/09/15 12:0 a.m. | 3 views

Rems Employee Management System security vulnerability

Rems Employee Management System is an employee management system from Rems, Inc. A security vulnerability exists in Rems Employee Management System version 1.0, which originates from the injection of a malicious payload into the department name field and could lead to a clickjacking attack...

5.4 CVSS | 7 AI score | 0.00411 EPSS
Exploits 1 | References 3
CNVD
added 2025/09/08 12:0 a.m. | 2 views

Google Android elevation of privilege vulnerability (CNVD-2025-23040)

Google Android is a Linux-based open source operating system from Google. Google Android suffers from an elevation of privilege vulnerability caused by a clickjacking/overwriting attack in the maybeShowDialog function in ControlsSettingsDialogManager.kt that results in ControlsSettingsTialog...

7.8 CVSS | 7.3 AI score | 0.00081 EPSS
Exploits 0 | References 1
Gitee
added 2025/09/06 12:55 a.m. | 123 views

Awesome-Bugbounty-Writeups

This is a curated list of bug bounty writeups, specifically focusing on various types of web application vulnerabilities. The repository is organized by vulnerability type, with sections for Cross-Site Scripting XSS, Cross-Site Request Forgery CSRF, Clickjacking, Local File Inclusion LFI, Subdoma...

7.9 AI score
Exploits 0
RedhatCVE
added 2025/09/05 1:28 p.m. | 4 views

CVE-2024-13066

Improper Restriction of Rendered UI Layers or Frames vulnerability in Akinsoft LimonDesk allows iFrame Overlay, CAPEC - 103 - Clickjacking. This issue affects LimonDesk: from s1.02.14 before v1.02.17...

4.3 CVSS | 7 AI score | 0.00166 EPSS
Exploits 0 | References 1
CNNVD
added 2025/09/04 12:0 a.m. | 3 views

Google Android security vulnerability

Google Android is a Linux-based open source operating system from Google. Google Android suffers from an elevation of privilege vulnerability caused by a clickjacking/overwriting attack in the maybeShowDialog function in ControlsSettingsDialogManager.kt that results in ControlsSettingsTialog...

7.8 CVSS | 7.2 AI score | 0.00081 EPSS
Exploits 0 | References 2
CNVD
added 2025/09/04 12:0 a.m. | 3 views

Google Android elevation of privilege vulnerability (CNVD-2026-00037)

Google Android is a Linux-based open source operating system from Google. Google Android suffers from an elevation of privilege vulnerability due to a clickjacking/overwriting attack in finishTransition of Transition.java. An attacker can exploit this vulnerability to gain elevated privileges on...

7.3 CVSS | 7.3 AI score | 0.00077 EPSS
Exploits 0 | References 1
NVD
added 2025/09/03 1:15 p.m. | 2 views

CVE-2024-13066

Improper Restriction of Rendered UI Layers or Frames vulnerability in Akinsoft LimonDesk allows iFrame Overlay, CAPEC - 103 - Clickjacking. This issue affects LimonDesk: from s1.02.14 before v1.02.17...

4.3 CVSS | 0.00166 EPSS
Exploits 0 | References 2
Cvelist
added 2025/09/03 1:5 p.m. | 11 views

CVE-2024-13066 iFrame Injection in Akinsoft's LimonDesk

Improper Restriction of Rendered UI Layers or Frames vulnerability in Akinsoft LimonDesk allows iFrame Overlay, CAPEC - 103 - Clickjacking. This issue affects LimonDesk: from s1.02.14 before v1.02.17...

4.3 CVSS | 0.00166 EPSS
Exploits 0 | References 2
CVE
added 2025/09/03 1:5 p.m. | 17 views

CVE-2024-13066

CVE-2024-13066 describes an improper restriction of rendered UI layers or frames in Akinsoft LimonDesk (affected: s1.02.14 up to

4.3 CVSS | 5.8 AI score | 0.00166 EPSS
Exploits 0 | References 2
ATTACKERKB
added 2025/09/03 1:5 p.m. | 2 views

CVE-2024-13066

Improper Restriction of Rendered UI Layers or Frames vulnerability in Akinsoft LimonDesk allows iFrame Overlay, CAPEC - 103 - Clickjacking. This issue affects LimonDesk: from s1.02.14 before v1.02.17...

4.3 CVSS | 5.8 AI score | 0.00166 EPSS
Exploits 0 | References 3