|
281921
|
- |
|
drinkedin
|
drinkedin_barfinder
|
The DrinkedIn BarFinder application for Android, when Adobe PhoneGap 2.9.0 or earlier is used, allows remote attackers to execute arbitrary JavaScript code, and consequently obtain sensitive fine-geo…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-1887
|
2024-11-21 11:05 |
2014-03-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281922
|
- |
|
edinburghtour
|
edinburgh_by_bus
|
The Edinburgh by Bus application for Android, when Adobe PhoneGap 2.9.0 or earlier is used, allows remote attackers to execute arbitrary JavaScript code, and consequently access external-storage reso…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-1886
|
2024-11-21 11:05 |
2014-03-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281923
|
- |
|
hsgroup
|
forzearmate
|
The ForzeArmate application for Android, when Adobe PhoneGap 2.9.0 or earlier is used, allows remote attackers to execute arbitrary JavaScript code, and consequently obtain write access to external-s…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-1885
|
2024-11-21 11:05 |
2014-03-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281924
|
- |
|
apache
adobe
|
cordova
phonegap
|
Apache Cordova 3.3.0 and earlier and Adobe PhoneGap 2.9.0 and earlier on Windows Phone 7 and 8 do not properly restrict navigation events, which allows remote attackers to bypass intended device-reso…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-1884
|
2024-11-21 11:05 |
2014-03-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281925
|
- |
|
adobe
|
phonegap
|
Adobe PhoneGap before 2.6.0 on Android uses the shouldOverrideUrlLoading callback instead of the proper shouldInterceptRequest callback, which allows remote attackers to bypass intended device-resour…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-1883
|
2024-11-21 11:05 |
2014-03-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281926
|
- |
|
adobe
apache
|
phonegap
cordova
|
Apache Cordova 3.3.0 and earlier and Adobe PhoneGap 2.9.0 and earlier allow remote attackers to bypass intended device-resource restrictions of an event-based bridge via a crafted library clone that …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-1882
|
2024-11-21 11:05 |
2014-03-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281927
|
- |
|
apache
adobe
|
cordova
phonegap
|
Apache Cordova 3.3.0 and earlier and Adobe PhoneGap 2.9.0 and earlier allow remote attackers to bypass intended device-resource restrictions of an event-based bridge via a crafted library clone that …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-1881
|
2024-11-21 11:05 |
2014-03-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281928
|
- |
|
synology
|
diskstation_manager
|
The OpenVPN module in Synology DiskStation Manager (DSM) 4.3-3810 update 1 has a hardcoded root password of synopass, which makes it easier for remote attackers to obtain access via a VPN session.
|
CWE-255
CWE-200
Credentials Management
Information Exposure
|
CVE-2014-2264
|
2024-11-21 11:05 |
2014-03-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281929
|
- |
|
cmsmadesimple
|
cms_made_simple
|
Cross-site scripting (XSS) vulnerability in lib/filemanager/ImageManager/editorFrame.php in CMS Made Simple 1.11.10 allows remote attackers to inject arbitrary web script or HTML via the action param…
|
CWE-79
Cross-site Scripting
|
CVE-2014-2092
|
2024-11-21 11:05 |
2014-03-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281930
|
- |
|
atutor
|
atutor
|
Cross-site scripting (XSS) vulnerability in mods/_standard/forums/admin/forum_add.php in ATutor 2.1.1 allows remote authenticated administrators to inject arbitrary web script or HTML via the title p…
|
CWE-79
Cross-site Scripting
|
CVE-2014-2091
|
2024-11-21 11:05 |
2014-03-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
