32 matches found
MAL-2026-2123 Malicious code in yelp-mobile-site-common (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4ad1d645e8b5f71c1d74bd3c213319d6674345796d462ed0e53a87c084f07a84 The package yelp-mobile-site-common was found to contain malicious code. Source: ghsa-malware...
Malicious code in yelp-mobile-site-common (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4ad1d645e8b5f71c1d74bd3c213319d6674345796d462ed0e53a87c084f07a84 The package yelp-mobile-site-common was found to contain malicious code. Source: ghsa-malware...
EUVD-2014-9235
Malware in sbrugna...
CVE-2025-9884
The Mobile Site Redirect plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.2.1. This is due to missing or incorrect nonce validation on a function. This makes it possible for unauthenticated attackers to update settings and inject malicious w...
WordPress Mobile Site Redirect plugin <= 1.2.1 - Cross-Site Request Forgery to Stored Cross-Site Scripting vulnerability
Cross-Site Request Forgery to Stored Cross-Site Scripting vulnerability discovered by johska in WordPress Plugin Mobile Site Redirect versions = 1.2.1...
CVE-2025-9884 Mobile Site Redirect <= 1.2.1 - Cross-Site Request Forgery to Stored Cross-Site Scripting
The Mobile Site Redirect plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.2.1. This is due to missing or incorrect nonce validation on a function. This makes it possible for unauthenticated attackers to update settings and inject malicious w...
CVE-2025-9884 Mobile Site Redirect <= 1.2.1 - Cross-Site Request Forgery to Stored Cross-Site Scripting
The Mobile Site Redirect plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.2.1. This is due to missing or incorrect nonce validation on a function. This makes it possible for unauthenticated attackers to update settings and inject malicious w...
EUVD-2025-32273
The Mobile Site Redirect plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.2.1. This is due to missing or incorrect nonce validation on a function. This makes it possible for unauthenticated attackers to update settings and inject malicious w...
WordPress plugin Mobile Site Redirect 跨站请求伪造漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation, a blogging platform developed in the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site request forgery...
Atlassian Jira < 8.13.2 Mobile Site Leaks Titles Of Privately Linked Tickets
According to its self-reported version number, the instance of Atlassian Jira hosted on the remote web server is prior to version 8.13.2 or 8.14.0 prior to version 8.14.1. It is, therefore, affected by a vulnerability which permits unauthenticated remote attackers to view custom field and custom...
Atlassian Jira 8.14.0 < 8.14.1 Mobile Site Leaks Titles Of Privately Linked Tickets
According to its self-reported version number, the instance of Atlassian Jira hosted on the remote web server is prior to version 8.13.2 or 8.14.0 prior to version 8.14.1. It is, therefore, affected by a vulnerability which permits unauthenticated remote attackers to view custom field and custom...
CVE-2020-36235
Affected versions of Atlassian Jira Server and Data Center allow unauthenticated remote attackers to view custom field and custom SLA names via an Information Disclosure vulnerability in the mobile site view. The affected versions are before version 8.13.2, and from version 8.14.0 before 8.14.1...
CVE-2020-36235
Affected versions of Atlassian Jira Server and Data Center allow unauthenticated remote attackers to view custom field and custom SLA names via an Information Disclosure vulnerability in the mobile site view. The affected versions are before version 8.13.2, and from version 8.14.0 before 8.14.1...
VK.com: [0.vk.com] Reflected XSS на странице подтверждения.
XSS в старых версиях IE на мобильной версии сайта, доступной некоторым операторам. Reflected XSS на поддомене 0.vk.com. only IE\MTS\Beeline...
X (Formerly Twitter): url that twitter mobile site can not load
Summary: A url that twitter mobile site can not load, crushes any page containing this url Description: Invalid hex characters crushes twitter mobile site as example go to https://mobile.twitter.com/?%xx twitter won't load. 1 Sending such url on a direct message, twitter will no longer be able to...
wolframsyndrome.co.uk XSS vulnerability
Open Bug Bounty ID: OBB-674764 Description| Value ---|--- Affected Website:| wolframsyndrome.co.uk Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...
Mail.ru: XSS https://health.mail.ru/my/ через внешнее имя аккаунта
Здравствуйте. Раньше репортил багу связанную с ником в одноклассниках так вот нашел еще одно место. На мобильной версии https://health.mail.ru/my/ в никнейме мы можем видеть self-stored xss. F305597 Так выглядит имя: F305599 Impact XSS...
mobile.dudasite.com Open Redirect vulnerability
Open Bug Bounty ID: OBB-562370 Description| Value ---|--- Affected Website:| mobile.dudasite.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| Open Redirect / CWE-601 CVSSv3 Score:| 3.4...
m.ec21.com XSS vulnerability
Vulnerable URL: https://m.ec21.com/mobile/pDetails.jsp?catalogid=10248560=mobiles"'--!...
standardmedia.co.ke XSS vulnerability
Vulnerable URL: http://www.standardmedia.co.ke/mobile/?articleID=2000026553"'--!...