EUVD-2025-209264

Nokia MantaRay NM is vulnerable to an OS command injection vulnerability due to improper neutralization of special elements used in an OS command in Log Search application...

EUVD-2015-2835

Malware in sbrugna...

EUVD-2015-2834

Malware in sbrugna...

CVE-2022-29580

There exists a path traversal vulnerability in the Android Google Search app. This is caused by the incorrect usage of uri.getLastPathSegment. A symbolic encoded string can bypass the path logic to get access to unintended directories. An attacker can manipulate paths that could lead to code...

Elasticsearch Elastic Enterprise Search 安全漏洞

Elasticsearch Elastic Enterprise Search is an enterprise search tool from Dutch company Elasticsearch. A security vulnerability exists in the Elastic Enterprise Search App that stems from a lack of authentication measures or insufficient authentication strength in a networked system or product...

Open-Xchange: XSS - Search - Unescaped contact job

The function responsible for formatting the contact's job company and position doesn't escape its value, which allows to inject arbitrary HTML content. javascript // master/ui/apps/io.ox/contacts/common-extensions.js // develop/ui/apps/io.ox/contacts/listview.js bright: function baton var text =...

Xin Online APP has logic design flaws

XIN ONLINE APP is a mobile home search software that integrates the functions of second-hand house, rental house and new house. Xin Online APP has a logical design vulnerability. Attackers can register any user and reset any password by grabbing packets to get the verification code through the...

Job Search - Dangerous filesystem permissions, MIT license vulnerabilities

HackApp vulnerability scanner discovered that application Job Search published at the 'play' market has multiple vulnerabilities...

Kids Say and Search - Dangerous filesystem permissions, WebView code execution vulnerabilities

HackApp vulnerability scanner discovered that application Kids Say and Search published at the 'play' market has multiple vulnerabilities...

Word Search - Dynamic Code Loading, External URLs, Suspicious files vulnerabilities

HackApp vulnerability scanner discovered that application Word Search published at the 'play' market has multiple vulnerabilities...

PubMed Search App - Dynamic Code Loading, External URLs, Unsafe deleting vulnerabilities

HackApp vulnerability scanner discovered that application PubMed Search App published at the 'play' market has multiple vulnerabilities...

CVE-2015-2745

Multiple cross-site scripting XSS vulnerabilities in the Search app in Gaia in Mozilla Firefox OS before 2.2 allow remote attackers to inject arbitrary HTML via the 1 name or 2 title field in card content associated with a search link that is mishandled after a HOME button press or a Show Windows...

CVE-2015-2744

Cross-site scripting XSS vulnerability in the Search app in Gaia in Mozilla Firefox OS before 2.2 allows remote attackers to inject arbitrary HTML via a crafted search link that is mishandled after re-opening the browser or opening the tab view...

CVE-2015-2744

Cross-site scripting XSS vulnerability in the Search app in Gaia in Mozilla Firefox OS before 2.2 allows remote attackers to inject arbitrary HTML via a crafted search link that is mishandled after re-opening the browser or opening the tab view...

CVE-2015-2745

CVE-2015-2745 refers to multiple XSS vulnerabilities in the Gaia Search app of Mozilla Firefox OS prior to version 2.2. The issue allows remote attackers to inject arbitrary HTML via the (1) name or (2) title field in card content linked to a search item, triggered after a HOME button press or a ...

CVE-2015-2745

Multiple cross-site scripting XSS vulnerabilities in the Search app in Gaia in Mozilla Firefox OS before 2.2 allow remote attackers to inject arbitrary HTML via the 1 name or 2 title field in card content associated with a search link that is mishandled after a HOME button press or a Show Windows...

CVE-2015-2744

CVE-2015-2744 describes a cross-site scripting (XSS) vulnerability in the Gaia Search app of Mozilla Firefox OS prior to 2.2. The issue arises from a crafted search link that, when the browser is re-opened or the tab view is accessed, allows injection of arbitrary HTML due to mishandling of the s...