26 matches found
CVE-2023-31044
CVE-2023-31044 affects Nokia Impact prior to Mobile 23_FP1; Impact DM 19.11+ is susceptible. A remote authenticated user can abuse the Add Campaign feature to inject a payload into the Campaign Name, which can be exported to CSV. The payload could be executed by spreadsheet software, potentially ...
EUVD-2024-26164
Malicious code in bioql PyPI...
CVE-2013-2309
Cross-site scripting (XSS) vulnerability in the management screen in OpenPNE 3.4.x before 3.4.21.1, 3.6.x before 3.6.9.1, and 3.8.x before 3.8.5.1 allows remote attackers to inject arbitrary web script or HTML via vectors involving the "mobile version color scheme."...
CVE-2024-29126
CVE-2024-29126 : Reflected XSS in the WordPress plugin “Specific Content For Mobile – Customize the mobile version without redirections.” Affected: from n/a through 0.1.9.5. Patch status: Patched (per connected Red Hat/Wordfence entries); update to the fixed release.
WordPress Specific Content For Mobile – Customize the mobile version without redirections Plugin <= 0.1.9.5 is vulnerable to Cross Site Scripting (XSS)
Software: Specific Content For Mobile – Customize the mobile version without redirections; Type: Plugin; Vulnerable versions: <= 0.1.9.5; Fixed in: 0.1.9.6; OWASP Top 10: A3: Injection; Classification: Cross Site Scripting (XSS); CVE: CVE-2024-29126; Patch priority: Medium; CVSS severity: Medium (7.1); Developer Claim...
CVE-2023-2907
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Marksoft allows SQL Injection. This issue affects Marksoft: through Mobile:v.7.1.7 ; Login:1.4 ; API:20230605...
CVE-2023-2907 SQLi in Marksoft
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Marksoft allows SQL Injection. This issue affects Marksoft: through Mobile:v.7.1.7 ; Login:1.4 ; API:20230605...
JetBrains YouTrack Security Vulnerability
JetBrains YouTrack is a browser-based bug tracking and project management software from JetBrains Czech Republic. The software features bug tracking, creating workflows, and monitoring project progress. JetBrains YouTrack Mobile 2021.2 previously had a security vulnerability that stemmed from...
Command execution vulnerability in TamronOS IPTV/VOD system (CNVD-2021-49564)
TamronOS IPTV/VOD system is a Linux kernel-based all-in-one live and on-demand solution for broadband operators, hotels, and schools. The system provides a variety of clients (Android set-top box, TV, PC on-demand, cell phone on-demand) to facilitate user access through different devices...
Fake mobile version of Valorant game spreading malware
By Sudais Asif. The mobile version of the Valorant game is set to release sometime during summer 2020. This is a post from HackRead.com. Read the original post: Fake mobile version of Valorant game spreading malware...
CVE-2020-6196
SAP BusinessObjects Mobile MobileBIService, version 4.2, allows an attacker to generate multiple requests, using which he can block all the threads resulting in a Denial of Service...
VK.com: Open redirect on the mobile version of VKontakte (m.vk.com
Open redirect in mobile photos...
Security Bulletin: A security vulnerability in IBM WebSphere Application Server affects IBM Security Access Manager for Mobile (CVE-2015-2017)
Summary IBM Security Access Manager for Mobile is affected by a HTTP response splitting vulnerability in IBM WebSphere Application Server. Vulnerability Details CVEID: CVE-2015-2017 DESCRIPTION: The IBM WebSphere Portal is vulnerable to HTTP response splitting attacks. A remote attacker could...
Burrowing ideas | account to attack of a several common techniques-vulnerability warning-the black bar safety net
In web security incidents, the account is usually the attacker's first point of contact. If account-related functions have a defect, an attacker can obtain key information and important features; for example, when a login fails, the error message can determine whether the because...
Apple GarageBand Memory Corruption Vulnerability
Apple GarageBand is a digital music creation software written by Apple and is part of iLife, an application suite for the Mac. It allows users to create music. Apple also released an iOS version for use on iOS devices. A memory corruption vulnerability exists in Apple GarageBand. An attacker coul...
Bumble: Leave inaccessible messaging system with a message (https://us1.badoo.com)
Hello, to test the messaging system I found a vulnerability that allows Inaccessible leave mensajaria system to another user only required to send a message. The vulnerability is in the system as the mobile version smiles and app do not have that system is only vulnerable version desktop VULNERAB...
Yahoo mail released to fix XSS attack vulnerability-vulnerability warning-the black bar safety net
Recently, while Yahoo is considering whether to spin off its Alibaba shares, and even considering the sale of its core business, including Yahoo mail, sports, website, and advertising technology, Yahoo mail announced that it has repaired a previously found but not released one...
Shopify: Authentication Failed Mobile version
1. Access shopify.com login. 2. Access your profile, change password. Insert a new password and select the 'Also log out of your store on Shopify Mobile and / or Shopify POS' field. In my test, the session was not closed in the mobile version for Android. Please check it...
WordPress Symposium Plug-In File Upload Vulnerability
Since the disclosure of a serious file-upload vulnerability in WordPress Symposium and the public availability of proof-of-concept exploit code, attacks against sites running the plug-in are starting to raise concern. Researchers at Trustwave SpiderLabs on Tuesday said they had snared a number of...
IBM Security Access Manager SQL Injection Vulnerability
IBM Security Access Manager software is a highly scalable user authentication, authorization and Web SSO solution for implementing security policies on a variety of Web and application resources, centralized management of online portals. A SQL injection vulnerability exists in IBM Security Access...