Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
adobe phonegap vulnerabilities and exploits
(subscribe to this query)
668
VMScore
CVE-2014-1883
Adobe PhoneGap prior to 2.6.0 on Android uses the shouldOverrideUrlLoading callback instead of the proper shouldInterceptRequest callback, which allows remote malicious users to bypass intended device-resource restrictions via content that is accessed (1) in an IFRAME element or ...
Adobe Phonegap 2.3.0
Adobe Phonegap 2.4.0
Adobe Phonegap
Adobe Phonegap 2.2.0
Adobe Phonegap 2.0.0
Adobe Phonegap 2.1.0
Adobe Phonegap 2.5.0
668
VMScore
CVE-2014-1881
Apache Cordova 3.3.0 and previous versions and Adobe PhoneGap 2.9.0 and previous versions allow remote malicious users to bypass intended device-resource restrictions of an event-based bridge via a crafted library clone that leverages IFRAME script execution and waits a certain a...
Apache Cordova 3.2.0
Apache Cordova
Apache Cordova 3.3.0
Apache Cordova 3.0.0
Apache Cordova 3.1.0
Adobe Phonegap 2.6.0
Adobe Phonegap 2.7.0
Adobe Phonegap 2.0.0
Adobe Phonegap 2.2.0
Adobe Phonegap 2.4.0
Adobe Phonegap 2.5.0
Adobe Phonegap 2.8.0
Adobe Phonegap
Adobe Phonegap 2.3.0
Adobe Phonegap 2.1.0
Adobe Phonegap 2.8.1
Adobe Phonegap 2.9.0
668
VMScore
CVE-2014-1882
Apache Cordova 3.3.0 and previous versions and Adobe PhoneGap 2.9.0 and previous versions allow remote malicious users to bypass intended device-resource restrictions of an event-based bridge via a crafted library clone that leverages IFRAME script execution and directly accesses...
Adobe Phonegap 2.2.0
Adobe Phonegap 2.3.0
Adobe Phonegap 2.4.0
Adobe Phonegap 2.0.0
Adobe Phonegap 2.5.0
Adobe Phonegap
Adobe Phonegap 2.6.0
Adobe Phonegap 2.7.0
Adobe Phonegap 2.8.0
Adobe Phonegap 2.1.0
Adobe Phonegap 2.8.1
Adobe Phonegap 2.9.0
Apache Cordova 3.0.0
Apache Cordova 3.1.0
Apache Cordova 3.2.0
Apache Cordova
Apache Cordova 3.3.0
668
VMScore
CVE-2014-1884
Apache Cordova 3.3.0 and previous versions and Adobe PhoneGap 2.9.0 and previous versions on Windows Phone 7 and 8 do not properly restrict navigation events, which allows remote malicious users to bypass intended device-resource restrictions via content that is accessed (1) in a...
Apache Cordova 3.0.0
Apache Cordova 3.2.0
Apache Cordova 3.3.0
Apache Cordova 3.1.0
Apache Cordova
Adobe Phonegap 2.0.0
Adobe Phonegap 2.6.0
Adobe Phonegap 2.7.0
Adobe Phonegap 2.8.0
Adobe Phonegap 2.2.0
Adobe Phonegap 2.4.0
Adobe Phonegap 2.5.0
Adobe Phonegap
Adobe Phonegap 2.3.0
Adobe Phonegap 2.1.0
Adobe Phonegap 2.8.1
Adobe Phonegap 2.9.0
668
VMScore
CVE-2012-6637
Apache Cordova 3.3.0 and previous versions and Adobe PhoneGap 2.9.0 and previous versions do not anchor the end of domain-name regular expressions, which allows remote malicious users to bypass a whitelist protection mechanism via a domain name that contains an acceptable name as...
Apache Cordova 3.3.0
Apache Cordova 3.2.0
Apache Cordova
Apache Cordova 3.0.0
Apache Cordova 3.1.0
Adobe Phonegap 2.0.0
Adobe Phonegap 2.1.0
Adobe Phonegap 2.7.0
Adobe Phonegap 2.2.0
Adobe Phonegap 2.3.0
Adobe Phonegap 2.5.0
Adobe Phonegap 2.6.0
Adobe Phonegap 2.9.0
Adobe Phonegap 2.4.0
Adobe Phonegap
Adobe Phonegap 2.8.0
Adobe Phonegap 2.8.1
605
VMScore
CVE-2018-4943
Adobe PhoneGap Push Plugin versions 1.8.0 and previous versions have an exploitable Same-Origin Method Execution vulnerability. Successful exploitation could lead to JavaScript code execution in the context of the PhoneGap app.
Adobe Push Notifications
570
VMScore
CVE-2014-1885
The ForzeArmate application for Android, when Adobe PhoneGap 2.9.0 or earlier is used, allows remote malicious users to execute arbitrary JavaScript code, and consequently obtain write access to external-storage resources, by leveraging control over any Google syndication adverti...
Hsgroup Forzearmate -
605
VMScore
CVE-2014-1886
The Edinburgh by Bus application for Android, when Adobe PhoneGap 2.9.0 or earlier is used, allows remote malicious users to execute arbitrary JavaScript code, and consequently access external-storage resources, by leveraging control over one of a number of "obscure Eastern ...
Edinburghtour Edinburgh By Bus -
383
VMScore
CVE-2014-1887
The DrinkedIn BarFinder application for Android, when Adobe PhoneGap 2.9.0 or earlier is used, allows remote malicious users to execute arbitrary JavaScript code, and consequently obtain sensitive fine-geolocation information, by leveraging control over one of a number of adult s...
Drinkedin Drinkedin Barfinder -
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-32886
insecure direct object reference
CVE-2024-34342
file inclusion
CVE-2024-34562
CVE-2024-34347
CVE-2024-26026
CVE-2024-4647
unprivileged
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started