41 matches found
EUVD-2025-137730
Malicious code in avangi-hola-inmi npm...
EUVD-2018-18370
Malware in sbrugna...
EUVD-2017-7940
Malware in sbrugna...
EUVD-2024-45651
Malicious code in bioql PyPI...
CVE-2024-51854
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in holanetworks Hola Free Video Player hola-free-video-player allows DOM-Based XSS.This issue affects Hola Free Video Player: from n/a through = 1.3.9...
CVE-2024-51854
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in holanetworks Hola Free Video Player hola-free-video-player allows DOM-Based XSS.This issue affects Hola Free Video Player: from n/a through = 1.3.9...
CVE-2024-51854 WordPress Hola Free Video Player plugin <= 1.3.9 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in holanetworks Hola Free Video Player hola-free-video-player allows DOM-Based XSS.This issue affects Hola Free Video Player: from n/a through = 1.3.9...
CVE-2024-51854
CVE-2024-51854 describes a DOM-based XSS in the WordPress plugin Hola Free Video Player (versions up to 1.3.9) caused by improper neutralization of input during web page generation. The vulnerability could allow an attacker to inject and execute script in a victim’s browser when the affected plug...
CVE-2024-51854 WordPress Hola Free Video Player plugin <= 1.3.9 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in holanetworks Hola Free Video Player hola-free-video-player allows DOM-Based XSS.This issue affects Hola Free Video Player: from n/a through = 1.3.9...
WordPress plugin Hola Free Video Player 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...
WordPress Hola Free Video Player Plugin <= 1.3.9 is vulnerable to Cross Site Scripting (XSS)
Software Hola Free Video Player Type Plugin Vulnerable versions = 1.3.9 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-51854 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 95081eab926c Credits SOPROBRO Required privilege...
hola-africa.com Cross Site Scripting vulnerability OBB-3764498
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
Hola VPN’s Chrome extension hacked to target MyEtherWallet users
By Waqas Although the decentralized approach to handling cryptocurrency wallets has been This is a post from HackRead.com Read the original post: Hola VPN's Chrome extension hacked to target MyEtherWallet users...
Hola Insecure Service Privilege Vulnerability
Hola is a VPN software that supports anonymous web browsing. A security vulnerability exists in Hola version 1.79.859. An attacker can exploit this vulnerability to alter or overwrite executable files with arbitrary code to elevate privileges...
CVE-2018-6623
An issue was discovered in Hola 1.79.859. An unprivileged user could modify or overwrite the executable with arbitrary code, which would be executed the next time the service is started. Depending on the user that the service runs as, this could result in privilege escalation. The issue exists...
CVE-2018-6623
An issue was discovered in Hola 1.79.859. An unprivileged user could modify or overwrite the executable with arbitrary code, which would be executed the next time the service is started. Depending on the user that the service runs as, this could result in privilege escalation. The issue exists...
Privilege escalation
An issue was discovered in Hola 1.79.859. An unprivileged user could modify or overwrite the executable with arbitrary code, which would be executed the next time the service is started. Depending on the user that the service runs as, this could result in privilege escalation. The issue exists...
CVE-2018-6623
An issue was discovered in Hola 1.79.859. An unprivileged user could modify or overwrite the executable with arbitrary code, which would be executed the next time the service is started. Depending on the user that the service runs as, this could result in privilege escalation. The issue exists...
CVE-2018-6623
The CVE-2018-6623 entry concerns Hola VPN version 1.79.859. The issue arises from insecure service permissions (SERVICE_ALL_ACCESS) on the hola_svc and hola_updater Windows services, allowing an unprivileged user to modify or overwrite the executable. The modified executable would run on the next...
Hola VPN 1.79.859 - Insecure service permissions Vulnerability
Exploit for windows platform in category local exploits ===== Tempest Security Intelligence - ADV-22/2018 === Hola VPN 1.79.859 - Insecure service permissions ------------------------------------------------------- Author: - Filipe Xavier Oliveira: ===== Table of Contents...