Vulners
Lucene search
| Reporter | Title | Published | Views | Family All 8 |
|---|---|---|---|---|
 | PicsArt Photo Studio For Android Insecure Management Vulnerability | 7 Nov 201400:00 | – | zdt |
 | CVE-2014-5674 | 9 Sep 201401:00 | – | cvelist |
 | EUVD-2014-5561 | 7 Oct 202500:30 | – | euvd |
 | CVE-2014-5674 | 9 Sep 201401:55 | – | nvd |
 | PicsArt Photo Studio For Android Insecure Management | 7 Nov 201400:00 | – | packetstorm |
 | Information disclosure | 9 Sep 201401:55 | – | prion |
 | Insecure management of login credentials in PicsArt Photo Studio for Android [STIC-2014-0426] | 1 Dec 201400:00 | – | securityvulns |
| PicsArt Photo Studio missed SSL certificate check | 1 Dec 201400:00 | – | securityvulns |
Node
| Parameter | Position | Path | Description | CWE |
|---|---|---|---|---|
| auth | request body | api.picsart.com/users/signin.json | Login/signin API call over HTTPS that transmits user social network data and app identifiers without proper certificate validation, enabling MITM to capture tokens. | CWE-310 |
| provider | request body | api.picsart.com/users/signin.json | Login/signin API call over HTTPS that transmits user social network data and app identifiers without proper certificate validation, enabling MITM to capture tokens. | CWE-310 |
| id | request body | api.picsart.com/users/signin.json | Login/signin API call over HTTPS that transmits user social network data and app identifiers without proper certificate validation, enabling MITM to capture tokens. | CWE-310 |
| key | query param | api.picsart.com/connections/show/me.json | Fetch user connection data using a key parameter over HTTPS; if certificate validation is missing, an attacker can MITM and obtain tokens. | CWE-310 |
| key | query param | api.picsart.com/users/show/me.json | Retrieve current user information using a key parameter over HTTPS; insecure certificate handling could allow token leakage via MITM. | CWE-310 |
Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation
17 Jun 2026 00:11Current
6Medium risk
Vulners AI Score6
CVSS 25.4
EPSS0.00271