Lucene search

10960 matches found

Prion
added 2019/02/15 2:29 p.m., 16 views

Design/Logic Flaw

The Help feature in the ES File Explorer File Manager application 4.1.9.7.4 for Android allows session hijacking by a Man-in-the-middle attacker on the local network because HTTPS is not used, and an attacker's web site is displayed in a WebView with no information about the URL...

CVSS 4.3, AI score 4.4, EPSS 0.00385
Exploits: 1, References: 1, Affected Software: 1
Cvelist
added 2019/02/15 2:0 p.m., 14 views

CVE-2019-8345

The Help feature in the ES File Explorer File Manager application 4.1.9.7.4 for Android allows session hijacking by a Man-in-the-middle attacker on the local network because HTTPS is not used, and an attacker's web site is displayed in a WebView with no information about the URL...

AI score 4.3, EPSS 0.00385
Exploits: 1, References: 1
ThreatPost
added 2019/02/14 12:30 p.m., 125 views

Critical OkCupid Flaw Exposed Daters to App Takeovers

A critical flaw in the OkCupid app has been found that could allow a bad actor to steal credentials, launch man-in-the-middle attacks or completely compromise the victim’s application. This is separate from the OKCupid account-takeover incident reported earlier in the week, but it does fit the...

AI score 6.8
Exploits: 0, References: 10
vulnersOsv
added 2019/02/12 3:36 p.m., 1 views

@evan.network/angular-gulp (>=1.2.3 <=2.1.3), @evan.network/ui-angular-libs (=1.1.0) +10 more potentially affected by CVE-2018-16202 via cordova-plugin-ionic-webview (=1.2.1)

cordova-plugin-ionic-webview NPM version =1.2.1 is affected by a known vulnerability. The following packages have a transitive dependency on cordova-plugin-ionic-webview and may be impacted: - @evan.network/angular-gulp =1.2.3, =0.0.1, =0.0.1, =5.0.1, =0.0.8, =0.0.1, =0.0.1, =1.0.0, =0.0.1, =0.0....

CVSS 8.6, AI score 6.7, EPSS 0.03305
Exploits: 0
OSV
added 2019/02/12 3:36 p.m., 22 views

GHSA-XWJH-CP99-CJ8Q Path Traversal in cordova-plugin-ionic-webview

Versions of cordova-plugin-ionic-webview prior to 2.2.0 are vulnerable to Path Traversal, allowing attackers access to OS local files that should be inaccessible by third-party applications. The package launches a webserver listening on http://localhost:8080 without restricting access of the app...

CVSS 8.6, AI score 8.2, EPSS 0.03305
Exploits: 0, References: 6
Github Security Blog
added 2019/02/12 3:36 p.m., 39 views

Path Traversal in cordova-plugin-ionic-webview

Versions of cordova-plugin-ionic-webview prior to 2.2.0 are vulnerable to Path Traversal, allowing attackers access to OS local files that should be inaccessible by third-party applications. The package launches a webserver listening on http://localhost:8080 without restricting access of the app...

CVSS 8.6, AI score 2.5, EPSS 0.03305
Exploits: 0, References: 6, Affected Software: 1
Japan Vulnerability Notes
added 2019/01/24 12:0 a.m., 37 views

JVN#98505783: HOUSE GATE App for iOS vulnerable to directory traversal

HOUSE GATE App for iOS provided by HOUSE GATE inc. uses the old version of cordova-plugin-ionic-webview, and inherits a directory traversal vulnerability (CWE-22, CVE-2018-16202). Impact: A remote attacker may obtain an arbitrary file such as a file related to an application on iOS device. As a...

CVSS 8.6, AI score 7.7, EPSS 0.03305
Exploits: 0
NVD
added 2019/01/09 11:29 p.m., 12 views

CVE-2018-16202

Directory traversal vulnerability in cordova-plugin-ionic-webview versions prior to 2.2.0 not including 2.0.0-beta.0, 2.0.0-beta.1, 2.0.0-beta.2, and 2.1.0-0 allows remote attackers to access arbitrary files via unspecified vectors...

CVSS 8.6, AI score 8.5, EPSS 0.03305
Exploits: 0, References: 4
OSV
added 2019/01/09 11:29 p.m., 15 views

CVE-2018-16202

Directory traversal vulnerability in cordova-plugin-ionic-webview versions prior to 2.2.0 not including 2.0.0-beta.0, 2.0.0-beta.1, 2.0.0-beta.2, and 2.1.0-0 allows remote attackers to access arbitrary files via unspecified vectors...

CVSS 8.6, AI score 6.9
Exploits: 0, References: 4
Prion
added 2019/01/09 11:29 p.m., 11 views

Directory traversal

Directory traversal vulnerability in cordova-plugin-ionic-webview versions prior to 2.2.0 not including 2.0.0-beta.0, 2.0.0-beta.1, 2.0.0-beta.2, and 2.1.0-0 allows remote attackers to access arbitrary files via unspecified vectors...

CVSS 5, AI score 8.4, EPSS 0.03305
Exploits: 0, References: 4, Affected Software: 1
Cvelist
added 2019/01/09 10:0 p.m., 28 views

CVE-2018-16202

Directory traversal vulnerability in cordova-plugin-ionic-webview versions prior to 2.2.0 not including 2.0.0-beta.0, 2.0.0-beta.1, 2.0.0-beta.2, and 2.1.0-0 allows remote attackers to access arbitrary files via unspecified vectors...

AI score 8.5, EPSS 0.03305
Exploits: 0, References: 4
CVE
added 2019/01/09 10:0 p.m., 52 views

CVE-2018-16202

CVE-2018-16202 is a directory/path traversal vulnerability in cordova-plugin-ionic-webview versions prior to 2.2.0 (not including 2.0.0-beta.*). The issue enables access to local files from a compromised app, via vulnerable path handling in the package (and related Ionic ZIP parsing behavior) tha...

CVSS 8.6, AI score 8.3, EPSS 0.03305
Exploits: 0, References: 4, Affected Software: 1
The Hacker News
added 2019/01/03 12:37 p.m., 91 views

Google Partially Patches Flaw in Chrome for Android 3 Years After Disclosure

Google has finally patched a privacy vulnerability in its Chrome web browser for Android that exposes users' device model and firmware version, eventually enabling remote attackers to identify unpatched devices and exploit known vulnerabilities. The vulnerability, which has not yet been given any CVE...

Exploits: 0
ThreatPost
added 2019/01/02 3:42 p.m., 19 views

Chrome in Android Leaks Device Fingerprinting Info

Google has issued a partial fix for an Android issue dating back to 2015 – after originally rejecting the bug report on the grounds of the mobile OS “working as intended.” The issue – which still doesn’t have a CVE designation despite being partially addressed as a problem – has to do with how...

AI score 7
Exploits: 0, References: 5
Japan Vulnerability Notes
added 2018/12/21 5:17 a.m., 2 views

cordova-plugin-ionic-webview vulnerable to path traversal

Overview: cordova-plugin-ionic-webview provided by npm, Inc. contains a path traversal vulnerability (CWE-22). This vulnerability was first reported to npm, Inc. by the below reporters then also reported to IPA. Based on the coordination request made by the reporters, JPCERT/CC coordinated with npm...

CVSS 8.6, AI score 6.8, EPSS 0.03305
Exploits: 0, References: 6
Japan Vulnerability Notes
added 2018/12/21 12:0 a.m., 89 views

JVN#69812763: cordova-plugin-ionic-webview vulnerable to path traversal

cordova-plugin-ionic-webview provided by npm, Inc. contains a path traversal vulnerability (CWE-22). Impact: A remote attacker may obtain an arbitrary file such as a file related to an application on iOS device. As a result, contents of the file may be disclosed. Solution: Recreate iOS application...

CVSS 8.6, AI score 8.3, EPSS 0.03305
Exploits: 0
Hacker One
added 2018/11/29 9:22 p.m., 37 views

VK.com: Vulnerable WebView class

Activity issue. Opening of webview that may lead to phishing attacks...

AI score 6.9
Exploits: 0
Openbugbounty
added 2018/11/08 1:12 a.m., 14 views

go.culturalcare.com XSS vulnerability

Open Bug Bounty ID: OBB-696015
Affected Website: go.culturalcare.com
Open Bug Bounty Program: Create your bounty program now. It's open and free.
Vulnerable Application: Custom Code
Vulnerability Type: XSS Cross Site Scripting / CWE-79
CVSSv3 Score: 6.1...

Exploits: 0
Hacker One
added 2018/09/25 5:4 p.m., 17 views

Shipt: Vulnerabilities in exported activity WebView

Hello, I want to report the vulnerability found. Since the following activity com.pushio.manager.iam.ui.PushIOMessageViewActivity has exported=true it can be exploited by 3rd parties. Vulnerability com.pushio.manager.iam.ui.PushIOMessageViewActivity has exported set to true making the activity...

Exploits: 0
Hacker One
added 2018/08/28 6:36 p.m., 177 views

Grab: [Grab Android/iOS] Insecure deeplink leads to sensitive information disclosure

A deeplink feature was found missing validation that led to sensitive information disclosure. Once triggered, the deeplink would direct users to load any attacker-controlled URL within a webview. The impact was further escalated as the webview contained sensitive information. A temporary patch was...

AI score 5.9
Exploits: 0