10 matches found
CVE-2026-32843
Location Aware Sensor System by Linkit ONE, up to commit f06bd20 2023-04-26, contains a reflected cross-site scripting vulnerability in the PM25.php file that allows remote attackers to execute arbitrary JavaScript by injecting malicious code into GET parameters. Attackers can craft a malicious U...
EUVD-2026-13113
Location Aware Sensor System by Linkit ONE, up to commit f06bd20 2023-04-26, contains a reflected cross-site scripting vulnerability in the PM25.php file that allows remote attackers to execute arbitrary JavaScript by injecting malicious code into GET parameters. Attackers can craft a malicious U...
CVE-2026-32843
Location Aware Sensor System by Linkit ONE, up to commit f06bd20 2023-04-26, contains a reflected cross-site scripting vulnerability in the PM25.php file that allows remote attackers to execute arbitrary JavaScript by injecting malicious code into GET parameters. Attackers can craft a malicious U...
CVE-2026-32843
A reflected cross-site scripting (XSS) vulnerability affects Location Aware Sensor System by LinkIt ONE up to commit f06bd20 (2023-04-26) in PM25.php. The issue arises from allowing unencoded payloads via GET parameters (site, city, district, channel, or apikey), enabling remote attackers to exec...
CVE-2026-32843
Location Aware Sensor System by Linkit ONE, up to commit f06bd20 2023-04-26, contains a reflected cross-site scripting vulnerability in the PM25.php file that allows remote attackers to execute arbitrary JavaScript by injecting malicious code into GET parameters. Attackers can craft a malicious U...
CVE-2026-32843 Linkit ONE Location Aware Sensor System (LASS) Reflected XSS via PM25.php
Location Aware Sensor System by Linkit ONE, up to commit f06bd20 2023-04-26, contains a reflected cross-site scripting vulnerability in the PM25.php file that allows remote attackers to execute arbitrary JavaScript by injecting malicious code into GET parameters. Attackers can craft a malicious U...
CVE-2026-32843 Linkit ONE Location Aware Sensor System (LASS) Reflected XSS via PM25.php
Location Aware Sensor System by Linkit ONE, up to commit f06bd20 2023-04-26, contains a reflected cross-site scripting vulnerability in the PM25.php file that allows remote attackers to execute arbitrary JavaScript by injecting malicious code into GET parameters. Attackers can craft a malicious U...
SoK: a Systematic Review of Context- and Behavior-Aware Adaptive Authentication in Mobile Environments
As mobile computing becomes central to digital interaction, researchers have turned their attention to adaptive authentication for its real-time, context- and behavior-aware verification capabilities. However, many implementations remain fragmented, inconsistently apply intelligent techniques, an...
Tinder Patches Vulnerability That Exposed User Locations
Developers with the popular dating application Tinder have fixed a vulnerability that up until last year could’ve allowed users to track other users, thanks to a hole in the app’s API and some old fashioned trigonometry. Max Veytsman, a Toronto-based researcher with Include Security disclosed the...
New Attack Locates Web Users Via XSS, Google Data
The security researcher who created the MySpace XSS worm in 2005 has developed a technique that enables an attacker to accurately locate a Web user with GPS coordinates, without using IP-based geolocation. Samy Kamkar, the author of the infamous Samy worm that spread through MySpace, on Monday...