69 matches found
CVE-2025-35060 Newforma Info Exchange (NIX) stored XSS via SVG file upload
Newforma Info Exchange NIX provides a 'Send a File Transfer' feature that allows a remote, authenticated attacker to upload SVG files that contain JavaScript or other content that may be executed or rendered by a web browser using a mobile user agent...
EUVD-2013-6763
Malware in sbrugna...
SAMSUNG Internet 安全漏洞
SAMSUNG Internet is a cell phone application from the South Korean company Samsung SAMSUNG. It provides a browser function. A security vulnerability exists in SAMSUNG Internet versions prior to 26.0.3.1. An attacker could exploit the vulnerability to obtain sensitive information...
Mozilla Focus 安全漏洞
Mozilla Focus is a browser for iOS devices from the Mozilla Foundation. Mozilla Focus for iOS is vulnerable to a spoofing vulnerability caused by an error related to the use of Javascript links. An attacker can exploit this vulnerability to spoof URL addresses in the Focus navigation bar...
Microsoft Edge 安全漏洞
Microsoft Edge is a web browser from the American company Microsoft that comes with systems after Windows 10. Microsoft Edge for iOS has a spoofing vulnerability that can be exploited by attackers to conduct spoofing attacks...
The vulnerability of Firefox browser for iOS arises from the lack of protection for website structure. This allows attackers to add unsafe elements to a page after a certain delay.
The vulnerability of Firefox browser for iOS is related to the lack of security measures for handling web page structures. Exploiting this vulnerability allows a malicious actor to add insecure elements to a page after a certain delay...
Spoofing
Microsoft Edge for Android Spoofing Vulnerability...
Mozilla Focus 安全漏洞
Mozilla Focus is a browser for iOS devices from the Mozilla Foundation. Mozilla Focus for iOS suffers from a cross-site scripting vulnerability that is caused by incorrect validation of user-supplied input. An attacker could exploit the vulnerability to steal the victim's cookie-based...
The vulnerability of Firefox’s Reader Mode in the iOS browser allows a hacker to gain unauthorized access to protected information and perform cross-site scripting attacks.
The vulnerability of Firefox’s Reader Mode for iOS relates to the lack of measures taken to eliminate HTML tags. Exploiting this vulnerability can allow a remote attacker to gain unauthorized access to protected information and perform cross-site scripting attacks...
Mozilla Firefox 安全漏洞
Mozilla Firefox is an open source web browser from the Mozilla Foundation in the United States. A denial of service vulnerability exists in Mozilla Firefox for iOS, which can be exploited by attackers to cause the browser to crash...
Virtuozzo Hybrid Infrastructure 5.3 (5.3.0-130)
In this release, Virtuozzo Hybrid Infrastructure provides a range of new features that cover Kubernetes as a Service, storage performance, security, monitoring and alerts, and the user interface. Additionally, this release delivers stability improvements and addresses issues found in previous...
WordPress Mobile browser color select plugin cross-site request forgery vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site request forger...
CVE-2022-1969
The Mobile browser color select plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.0.1. This is due to missing or incorrect nonce validation on the adminupdatedata function. This makes it possible for unauthenticated attackers to inject malicious...
CVE-2022-1969 Mobile browser color select <= 1.0.1 - Cross-Site Request Forgery to Stored Cross-Site Scripting
The Mobile browser color select plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.0.1. This is due to missing or incorrect nonce validation on the adminupdatedata function. This makes it possible for unauthenticated attackers to inject malicious...
CVE-2022-1969 Mobile browser color select <= 1.0.1 - Cross-Site Request Forgery to Stored Cross-Site Scripting
The Mobile browser color select plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.0.1. This is due to missing or incorrect nonce validation on the adminupdatedata function. This makes it possible for unauthenticated attackers to inject malicious...
WordPress plugin Mobile browser color select 跨站请求伪造漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site request forger...
Mobile Browser Color Select <= 1.0.1 - Stored Cross-Site Scripting via CSRF
The plugin is lacking CSRF check in its adminupdatedata function, which could allow attackers to make a logged in admin call it, and perform Stored Cross-Site Scripting attacks due to the lack of sanitisation and escaping in the processed user input...
5 Casual Games You Can Play on Your Mobile Browser Now
By Owais Sultan Online gaming has always been the buddy of leisure time because they allow us to bring some enjoyment… This is a post from HackRead.com Read the original post: 5 Casual Games You Can Play on Your Mobile Browser Now...
CVE-2021-33593
Whale browser for iOS before 1.14.0 has an inconsistent user interface issue that allows an attacker to obfuscate the address bar which may lead to address bar spoofing...
Samsung Internet 安全漏洞
Samsung Internet is a cell phone application from Samsung South Korea. It provides a browser function. A security vulnerability previously existed in Samsung Internet 14.0.1.20, which allowed an attacker to perform privileged operations by exploiting the vulnerability...