3800 matches found
CVE-2014-1539
Mozilla Firefox before 30.0 and Thunderbird through 24.6 on OS X do not ensure visibility of the cursor after interaction with a Flash object and a DIV element, which makes it easier for remote attackers to conduct clickjacking attacks via JavaScript code that produces a fake cursor image...
CVE-2014-1539
Technical details for CVE-2014-1539 are not publicly available in the provided documents. Please monitor for official updates or vendor advisories to obtain affected products, impact, and fixes.
Firefox < 30.0 Multiple Vulnerabilities (Mac OS X)
The version of Firefox installed on the remote Mac OS X host is a version prior to version 30.0. It is, therefore, affected by multiple vulnerabilities: - Memory issues exist that could lead to arbitrary code execution. Note that these issues only affect Firefox 29. CVE-2014-1533, CVE-2014-1534 ...
Mozilla Firefox < 30.0 Multiple Vulnerabilities
Clickjacking through cursor invisibility after Flash interaction — Mozilla
Security researcher Jordi Chancel reported a mechanism where the cursor can be rendered invisible after it has been used on an embedded Flash object when used outside of the object. This flaw can be used in combination with an image of the cursor manipulated through JavaScript, leading to...
FanFootage: Reporting Bugs
This page allows visitors to upload files to the server. Various web applications allow users to upload files such as pictures, images, sounds, .... Uploaded files may pose a significant risk if not handled correctly. A remote attacker could send a multipart/form-data POST request with a...
Mavenlink: Clickjacking at https://www.mavenlink.com/ main website
Hello, I found clickjacking on the main webpage. CSRF testing frame opacity: 0.5; border: none; position: absolute; top: 0px; left: 0px; z-index: 1000; window.onbeforeunload = function return " Do you want to leave ?"; site is vulnerable for clickjacking! by Vineet bhardwaj same as last bug but its ...
Mavenlink: Clickjacking & CSRF attack can be done at https://app.mavenlink.com/login
Hello, my name is Vineet bhardwaj. I am a security researcher and I pen test your website https://app.mavenlink.com/login and I found there is a clickjacking attack and a CSRF attack can be done. POC: CSRF testing frame opacity: 0.5; border: none; position: absolute; top: 0px; left: 0px; z-index: 1000...
Factlink: Click jacking
Vulnerability description: Clickjacking (User Interface redress attack, UI redress attack, UI redressing) is a malicious technique of tricking a Web user into clicking on something different from what the user perceives they are clicking on, thus potentially revealing confidential information or...
Google Chrome < 35.0.1916.114 Multiple Vulnerabilities
CVE-2013-7234
Simple Machines Forum SMF before 1.1.19 and 2.x before 2.0.6 allows remote attackers to conduct clickjacking attacks via an X-Frame-Options header...
Design/Logic Flaw
Simple Machines Forum SMF before 1.1.19 and 2.x before 2.0.6 allows remote attackers to conduct clickjacking attacks via an X-Frame-Options header...
CVE-2013-7234
CVE-2013-7234 affects Simple Machines Forum (SMF). The vulnerability exists in SMF versions prior to 1.1.19 and prior to 2.0.6, where an improper handling of the page framing allows remote attackers to perform clickjacking via an X-Frame-Options header. The NVD entry lists this as a remote, heade...
CVE-2014-2554
OTRS 3.1.x before 3.1.21, 3.2.x before 3.2.16, and 3.3.x before 3.3.6 allows remote attackers to conduct clickjacking attacks via an IFRAME element...
DEBIAN-CVE-2014-2554
OTRS 3.1.x before 3.1.21, 3.2.x before 3.2.16, and 3.3.x before 3.3.6 allows remote attackers to conduct clickjacking attacks via an IFRAME element...
Code injection
OTRS 3.1.x before 3.1.21, 3.2.x before 3.2.16, and 3.3.x before 3.3.6 allows remote attackers to conduct clickjacking attacks via an IFRAME element...