Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
adobe phonegap vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2014-1883
Adobe PhoneGap prior to 2.6.0 on Android uses the shouldOverrideUrlLoading callback instead of the proper shouldInterceptRequest callback, which allows remote malicious users to bypass intended device-resource restrictions via content that is accessed (1) in an IFRAME element or ...
Adobe Phonegap 2.3.0
Adobe Phonegap 2.4.0
Adobe Phonegap
Adobe Phonegap 2.2.0
Adobe Phonegap 2.0.0
Adobe Phonegap 2.1.0
Adobe Phonegap 2.5.0
7.5
CVSSv2
CVE-2014-1884
Apache Cordova 3.3.0 and previous versions and Adobe PhoneGap 2.9.0 and previous versions on Windows Phone 7 and 8 do not properly restrict navigation events, which allows remote malicious users to bypass intended device-resource restrictions via content that is accessed (1) in a...
Apache Cordova 3.0.0
Apache Cordova 3.2.0
Apache Cordova 3.3.0
Apache Cordova 3.1.0
Apache Cordova
Adobe Phonegap 2.0.0
Adobe Phonegap 2.6.0
Adobe Phonegap 2.7.0
Adobe Phonegap 2.8.0
Adobe Phonegap 2.2.0
Adobe Phonegap 2.4.0
Adobe Phonegap 2.5.0
Adobe Phonegap
Adobe Phonegap 2.3.0
Adobe Phonegap 2.1.0
Adobe Phonegap 2.8.1
Adobe Phonegap 2.9.0
7.5
CVSSv2
CVE-2012-6637
Apache Cordova 3.3.0 and previous versions and Adobe PhoneGap 2.9.0 and previous versions do not anchor the end of domain-name regular expressions, which allows remote malicious users to bypass a whitelist protection mechanism via a domain name that contains an acceptable name as...
Apache Cordova 3.3.0
Apache Cordova 3.2.0
Apache Cordova
Apache Cordova 3.0.0
Apache Cordova 3.1.0
Adobe Phonegap 2.0.0
Adobe Phonegap 2.1.0
Adobe Phonegap 2.7.0
Adobe Phonegap 2.2.0
Adobe Phonegap 2.3.0
Adobe Phonegap 2.5.0
Adobe Phonegap 2.6.0
Adobe Phonegap 2.9.0
Adobe Phonegap 2.4.0
Adobe Phonegap
Adobe Phonegap 2.8.0
Adobe Phonegap 2.8.1
7.5
CVSSv2
CVE-2014-1881
Apache Cordova 3.3.0 and previous versions and Adobe PhoneGap 2.9.0 and previous versions allow remote malicious users to bypass intended device-resource restrictions of an event-based bridge via a crafted library clone that leverages IFRAME script execution and waits a certain a...
Apache Cordova 3.2.0
Apache Cordova
Apache Cordova 3.3.0
Apache Cordova 3.0.0
Apache Cordova 3.1.0
Adobe Phonegap 2.6.0
Adobe Phonegap 2.7.0
Adobe Phonegap 2.0.0
Adobe Phonegap 2.2.0
Adobe Phonegap 2.4.0
Adobe Phonegap 2.5.0
Adobe Phonegap 2.8.0
Adobe Phonegap
Adobe Phonegap 2.3.0
Adobe Phonegap 2.1.0
Adobe Phonegap 2.8.1
Adobe Phonegap 2.9.0
7.5
CVSSv2
CVE-2014-1882
Apache Cordova 3.3.0 and previous versions and Adobe PhoneGap 2.9.0 and previous versions allow remote malicious users to bypass intended device-resource restrictions of an event-based bridge via a crafted library clone that leverages IFRAME script execution and directly accesses...
Adobe Phonegap 2.2.0
Adobe Phonegap 2.3.0
Adobe Phonegap 2.4.0
Adobe Phonegap 2.0.0
Adobe Phonegap 2.5.0
Adobe Phonegap
Adobe Phonegap 2.6.0
Adobe Phonegap 2.7.0
Adobe Phonegap 2.8.0
Adobe Phonegap 2.1.0
Adobe Phonegap 2.8.1
Adobe Phonegap 2.9.0
Apache Cordova 3.0.0
Apache Cordova 3.1.0
Apache Cordova 3.2.0
Apache Cordova
Apache Cordova 3.3.0
6.8
CVSSv2
CVE-2018-4943
Adobe PhoneGap Push Plugin versions 1.8.0 and previous versions have an exploitable Same-Origin Method Execution vulnerability. Successful exploitation could lead to JavaScript code execution in the context of the PhoneGap app.
Adobe Push Notifications
6.4
CVSSv2
CVE-2014-1885
The ForzeArmate application for Android, when Adobe PhoneGap 2.9.0 or earlier is used, allows remote malicious users to execute arbitrary JavaScript code, and consequently obtain write access to external-storage resources, by leveraging control over any Google syndication adverti...
Hsgroup Forzearmate -
6.8
CVSSv2
CVE-2014-1886
The Edinburgh by Bus application for Android, when Adobe PhoneGap 2.9.0 or earlier is used, allows remote malicious users to execute arbitrary JavaScript code, and consequently access external-storage resources, by leveraging control over one of a number of "obscure Eastern ...
Edinburghtour Edinburgh By Bus -
4.3
CVSSv2
CVE-2014-1887
The DrinkedIn BarFinder application for Android, when Adobe PhoneGap 2.9.0 or earlier is used, allows remote malicious users to execute arbitrary JavaScript code, and consequently obtain sensitive fine-geolocation information, by leveraging control over one of a number of adult s...
Drinkedin Drinkedin Barfinder -
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
race condition
CVE-2024-4249
CVE-2024-4244
CVE-2023-20198
TCP
CVE-2022-48648
CVE-2022-48636
CVE-2024-21345
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started