2 matches found
CVE-2024-0606
An attacker could execute unauthorized script on a legitimate site through UXSS using window.open by opening a javascript URI leading to unauthorized actions within the user's loaded webpage. This vulnerability affects Focus for iOS 122...
UBUNTU-CVE-2014-9235
Multiple SQL injection vulnerabilities in Zoph aka Zoph Organizes Photos 0.9.1 and earlier allow remote authenticated users to execute arbitrary SQL commands via the 1 action parameter to group.php or 2 user.php or the 3 locationid parameter to photos.php in php/...