Insecure Storage of Sensitive Information in Microweber

Microweber prior to version 1.3 does not strip images of EXIF data, exposing information about users' locations, device hardware, and device software...

Microsoft Office: Allow mix of policy and user locations

This test checks the setting for policy OpenVAS Vulnerability Test $Id: office2013mixpolicyanduserlocations.nasl 11843 2018-10-11 14:33:21Z emoss $ Check value for Allow mix of policy and user locations Authors: Emanuel Moss Copyright: Copyright c 2018 Greenbone Networks GmbH,...

Tinder Patches Vulnerability That Exposed User Locations

Developers with the popular dating application Tinder have fixed a vulnerability that up until last year could’ve allowed users to track other users, thanks to a hole in the app’s API and some old fashioned trigonometry. Max Veytsman, a Toronto-based researcher with Include Security disclosed the...

SA-CONTRIB-2012-117 - Location - Access Bypass

The Location module allows real-world geographic locations to be associated with Drupal nodes, including people, places, and other content. The Location Search sub-module adds a search page for searching for locations. The Location Search module fails to enforce content and user access permission...

SA-CONTRIB-2011-040 Author Pane access bypass

The Author Pane module provides information about users on a site. This module has integration with several other modules including the user locations of the Location module. If you enabled display of user locations the Author Pane module may have shown user locations to site visitors who did not...