15 matches found
CVE-2025-41089
Reflected Cross-Site Scripting XSS in Xibo CMS v4.1.2 from Xibo Signage, due to a lack of proper validation of user input. To exploit the vulnerability, the attacker must create a template in the 'Templates' section, then add an element that has the 'Configuration Name' field, such as the 'Clock'...
CVE-2025-41089 Reflected Cross-Site Scripting (XSS) in CMS
Reflected Cross-Site Scripting XSS in Xibo CMS v4.1.2 from Xibo Signage, due to a lack of proper validation of user input. To exploit the vulnerability, the attacker must create a template in the 'Templates' section, then add an element that has the 'Configuration Name' field, such as the 'Clock'...
EUVD-2025-33693
Reflected Cross-Site Scripting XSS in Xibo CMS v4.1.2 from Xibo Signage, due to a lack of proper validation of user input. To exploit the vulnerability, the attacker must create a template in the 'Templates' section, then add an element that has the 'Configuration Name' field, such as the 'Clock'...
Digital Clock Widget Xperia - Base64 encoded String, Customized SSL, Dangerous filesystem permissions vulnerabilities
HackApp vulnerability scanner discovered that application Digital Clock Widget Xperia published at the 'play' market has multiple vulnerabilities...
Christmas theme clock widge - Customized SSL, Dangerous filesystem permissions, WebView SSL handling enabled vulnerabilities
HackApp vulnerability scanner discovered that application Christmas theme clock widge published at the 'play' market has multiple vulnerabilities...
Weather Clock Widget - Dangerous filesystem permissions, WebView code execution vulnerabilities
HackApp vulnerability scanner discovered that application Weather Clock Widget published at the 'play' market has multiple vulnerabilities...
soccer weather clock widget - Customized SSL, Dangerous filesystem permissions, WebView SSL handling enabled vulnerabilities
HackApp vulnerability scanner discovered that application soccer weather clock widget published at the 'play' market has multiple vulnerabilities...
Night Clock Weather Widget - Customized SSL, Dangerous filesystem permissions, WebView SSL handling enabled vulnerabilities
HackApp vulnerability scanner discovered that application Night Clock Weather Widget published at the 'play' market has multiple vulnerabilities...
HD Clock Weather Widget - Customized SSL, Dangerous filesystem permissions, WebView SSL handling enabled vulnerabilities
HackApp vulnerability scanner discovered that application HD Clock Weather Widget published at the 'play' market has multiple vulnerabilities...
Sense Analog Clock Widget Dark - Dynamic Code Loading, External URLs, SD-card access vulnerabilities
HackApp vulnerability scanner discovered that application Sense Analog Clock Widget Dark published at the 'play' market has multiple vulnerabilities...
Weather Clock Widget Free - Customized SSL, Dangerous filesystem permissions, WebView SSL handling enabled vulnerabilities
HackApp vulnerability scanner discovered that application Weather Clock Widget Free published at the 'play' market has multiple vulnerabilities...
3 Day Clock Forecast Widget - Customized SSL, Dangerous filesystem permissions, WebView SSL handling enabled vulnerabilities
HackApp vulnerability scanner discovered that application 3 Day Clock Forecast Widget published at the 'play' market has multiple vulnerabilities...
World Clock & Widget - Customized SSL, Dangerous filesystem permissions, WebView code execution vulnerabilities
HackApp vulnerability scanner discovered that application World Clock & Widget published at the 'play' market has multiple vulnerabilities...
DIGI Clock Widget - Customized SSL, Dangerous filesystem permissions, WebView code execution vulnerabilities
HackApp vulnerability scanner discovered that application DIGI Clock Widget published at the 'play' market has multiple vulnerabilities...
Love Clock Widget - Dynamic Code Loading, External URLs, SD-card access vulnerabilities
HackApp vulnerability scanner discovered that application Love Clock Widget published at the 'play' market has multiple vulnerabilities...