55 matches found
Mozilla Firefox 跨站脚本漏洞
Mozilla Firefox is an open source Web browser from the Mozilla Foundation. Mozilla Firefox has a cross-site scripting vulnerability that stems from the fact that the product does not effectively filter the special characters in the Url in the QR code, which can be exploited by attackers to execut...
PT-2021-7412 · Mozilla +1 · Firefox For Android +1
Name of the Vulnerable Software and Affected Versions: Firefox for Android versions prior to 94 Description: A Universal XSS issue exists due to improper sanitization when processing a URL scanned from a QR code, allowing a remote attacker to conduct a cross-site scripting XSS attack. This issue...
CVE-2021-27941
Unconstrained Web access to the device's private encryption key in the QR code pairing mode in the eWeLink mobile application through 4.9.2 on Android and through 4.9.1 on iOS allows a physically proximate attacker to eavesdrop on Wi-Fi credentials and other sensitive information by monitoring th...
CVE-2021-25333
Improper access control in Samsung Pay mini application prior to v4.0.14 allows unauthorized access to balance information over the lockscreen via scanning specific QR code...
Samsung Pay mini 信息泄露漏洞
Samsung Pay mini is a mobile application from Samsung South Korea. It provides a mobile payment function. An information disclosure vulnerability exists in the Samsung Pay mini application prior to v4.0.14, which allows unauthorized users to access balance information by scanning a specific QR co...
[SECURITY] Fedora 32 Update: claws-mail-3.17.6-1.fc32
Claws Mail is an email client and news reader, based on GTK+, featuring quick response, graceful and sophisticated interface, easy configuration, intuitive operation, abundant features, and extensibility...
CVE-2018-3899
An exploitable code execution vulnerability exists in the QR code scanning functionality of Yi Home Camera 27US 1.8.7.0D. A specially crafted QR Code can cause a buffer overflow, resulting in code execution. The transinfo call can overwrite a buffer of size 0x104, which is more than enough to...
[SECURITY] Fedora 20 Update: claws-mail-3.10.1-1.fc20
Claws Mail is an email client and news reader, based on GTK+, featuring quick response, graceful and sophisticated interface, easy configuration, intuitive operation, abundant features, and extensibility...
Joomla! Component AJAX Shoutbox 1.6 - SQL Injection
Joomla AJAX Shoutbox remote SQL Injection vulnerability - Author: Ibrahim Raafat - Contact: https://twitter.com/RaafatSEC - Discovery date: 1 April 2010 4 years ago - Reported to vendor : 12 March 2014 - Response: Quick response from the developer, Patched and released version 1.7 in the same day...
Joomla AJAX Shoutbox SQL Injection
Joomla AJAX Shoutbox Remote SQL Injection vulnerability - Author: Ibrahim Raafat - Contact: https://twitter.com/RaafatSEC - Discovery date: 1 April 2010 4 years ago - Reported to vendor : 12 March 2014 - Response: Quick response from the developer, Patched and released version 1.7 in the same day...
[SECURITY] Fedora 17 Update: claws-mail-3.8.1-3.fc17
Claws Mail is an email client and news reader, based on GTK+, featuring quick response, graceful and sophisticated interface, easy configuration, intuitive operation, abundant features, and extensibility...
Fedora Update for claws-mail FEDORA-2012-16772
Check for the Version of claws-mail OpenVAS Vulnerability Test Fedora Update for claws-mail FEDORA-2012-16772 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under...
Погружение в матрицу: анализ структуры и методы распознавания QR-кода
В современном мире информация может представляться в самых причудливых формах. Причины на это могут быть разные и не всегда имеют стеганографическую подоплеку. У «человека разумного» буквально появился «третий глаз»: мобильный телефон стал неотъемлемым атрибутом каждого из нас. А что именно с его...
phpAutoMembersArea 3.2.5 ($installed_config_file) Remote File Inclusion
+-------------------------------------------------------------------- + + phpAutoMembersArea 3.2.5 $installedconfigfile Remote File Inclusion + +-------------------------------------------------------------------- + + Affected Software .: phpAutoMembersArea 3.2.5 + Venedor ...........:...
Arbitrary code execution in SlimFTPd v3.16
Arbitrary code execution in SlimFTPd v3.16 discovered by Raphal Rigo Product: SlimFTPd by WhitSoft Development Affected Version: 3.16 verified, =3.16 probably too Not affected Version: 3.17 OS affected: All Win32 Risk: Critical Remote Exploit: yes URL: http://www.whitsoftdev.com/slimftpd/ Overvie...