CVE-2025-53215

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in 8bitkid Yahoo! WebPlayer yahoo-media-player allows Reflected XSS.This issue affects Yahoo! WebPlayer: from n/a through = 2.0.6...

CVE-2025-53215

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in 8bitkid Yahoo! WebPlayer yahoo-media-player allows Reflected XSS.This issue affects Yahoo! WebPlayer: from n/a through = 2.0.6...

CVE-2025-53215

CVE-2025-53215 : Reflected XSS in Yahoo! WebPlayer (WordPress Yahoo! WebPlayer plugin) affecting versions up to 2.0.6. The issue arises from improper neutralization of input during web page generation. The vulnerability affects Yahoo! WebPlayer (Yahoo Media Player) with CVSS 3.1 vector: AV:N/AC:L...

CVE-2025-53215 WordPress Yahoo! WebPlayer Plugin <= 2.0.6 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in 8bitkid Yahoo! WebPlayer allows Reflected XSS. This issue affects Yahoo! WebPlayer: from n/a through 2.0.6...

WordPress plugin Yahoo! WebPlayer 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

WordPress Yahoo! WebPlayer Plugin <= 2.0.6 - Cross Site Scripting (XSS) Vulnerability

Cross Site Scripting XSS Vulnerability discovered by johska in WordPress Plugin Yahoo! WebPlayer versions = 2.0.6...

Linux Distros Unpatched Vulnerability : CVE-2022-48197

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Reflected cross-site scripting XSS exists in Sandbox examples in the YUI2 repository. The download distributions, TreeView component and the YUI Javascript...

Malicious code in test-mlw2-gulas-yahoo (npm)

The package test-mlw2-gulas-yahoo was found to contain malicious code...

MAL-2025-35461 Malicious code in test-mlw2-gulas-yahoo (npm)

The package test-mlw2-gulas-yahoo was found to contain malicious code...

CVE-2024-28895

'Yahoo! JAPAN' App for Android v2.3.1 to v3.161.1 and 'Yahoo! JAPAN' App for iOS v3.2.2 to v4.109.0 contain a cross-site scripting vulnerability. If this vulnerability is exploited, an arbitrary script may be executed on the WebView of 'Yahoo! JAPAN' App via other app installed on the user's devi...

CVE-2013-2307

The Yahoo! Browser application before 1.4.3 for Android allows remote attackers to spoof the address bar via a crafted web site...

CVE-2013-2316

The Yahoo! Browser application 1.4.4 and earlier for Android allows remote attackers to spoof the address bar via vectors related to URL display, a different vulnerability than CVE-2013-2307...

CVE-2013-7288

Cross-site scripting XSS vulnerability in the mycodeparsevideo function in inc/classparser.php in MyBB aka MyBulletinBoard before 1.6.12 allows remote attackers to inject arbitrary web script or HTML via vectors related to Yahoo video URLs...

CVE-2012-2647

Yahoo! Toolbar 1.0.0.5 and earlier for Chrome and Safari allows remote attackers to modify the configured search URL, and intercept search terms, via a crafted web page...

CVE-2013-4700

The Yahoo! Japan Shopping application 1.4 and earlier for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...

CVE-2013-4699

The Yahoo! Japan Yafuoku! application 4.3.0 and earlier for iOS and Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...

CVE-2012-0268

Integer overflow in the CYImage::LoadJPG method in YImage.dll in Yahoo! Messenger before 11.5.0.155, when photo sharing is enabled, might allow remote attackers to execute arbitrary code via a crafted JPG image that triggers a heap-based buffer overflow...

CVE-2005-0737

Buffer overflow in Yahoo! Messenger allows remote attackers to execute arbitrary code via the offline mode...

CVE-2003-1135

Buffer overflow in Yahoo! Messenger 5.6 allows remote attackers to cause a denial of service crash via a file send request sendfile with a large number of "%" percent characters after the Yahoo ID...

CVE-2007-5543

Stack-based buffer overflow in Miranda IM 0.6.8 and 0.7.0 allows remote attackers to execute arbitrary code via a crafted Yahoo! Messenger packet. NOTE: this might overlap CVE-2007-5590...