Information Exposure

Overview Versions of cordova-android prior to 6.0.0 are vulnerable to Information Exposure through log files. The application calls methods of the Log class. Messages passed to these methods Log.v, Log.d, Log.i, Log.w, and Log.e are stored in a series of circular buffers on the device. By default...

Apache Cordova Android 5.2.2 Information Leak Vulnerability

Apache Cordova Android versions 5.2.2 and below suffer from an internal system information leak. CVE-2016-6799: Internal system information leak Severity: High Vendor: The Apache Software Foundation Versions Affected: Cordova Android 5.2.2 and below Description: The application calls methods of t...

Code injection

Product: Apache Cordova Android 5.2.2 and earlier. The application calls methods of the Log class. Messages passed to these methods Log.v, Log.d, Log.i, Log.w, and Log.e are stored in a series of circular buffers on the device. By default, a maximum of four 16 KB rotated logs are kept in addition...

Arbitrary File Download Vulnerability in ShowDownload Function of Tibco Call Center System

The core of Tibco's call center system is a communication-based system for internal and external corporate communication. An arbitrary file download vulnerability exists in the showDownload function of the Tibco Call Center System. The vulnerability file is: /userweb/php/index/log.class.php, whic...

anwsion注入很普通in注入

简要描述： anwsion注入很普通in注入 详细说明： system/class/clsactionlogclassinc.php 472代码; public static function getactionsdistintbywhere 类 $sql = "SELECT MAXhistoryid historyid FROM " . gettable'useractionhistory' . " WHERE " . $where . " GROUP BY associateid, associatetype ORDER BY historyid DESC";...