CVE-2019-16383

CVE-2019-16383 affects Progress MOVEit Transfer via MOVEit.DMZ.WebApi.dll in MOVEit Transfer 2018 SP2 before 10.2.4, 2019 before 11.0.2, and 2019.1 before 11.1.1. The Red Hat/CIRCL/CNVD entries confirm an unauthenticated SQL injection via the REST API that can cause database access breaches. Affe...

Ipswitch MoveIt Cross-Site Request Forgery Vulnerability

Ipswitch MoveIt is a suite of automated file transfer software from Ipswitch USA. It supports the control, management, and viewing of all business-critical file transfer activities through a single, secure system. A cross-site request forgery vulnerability exists in Ipswitch MoveIt version 8.1. A...

CVE-2018-6545

Ipswitch MoveIt v8.1 is vulnerable to a Stored Cross-Site Scripting XSS vulnerability, as demonstrated by human.aspx. Attackers can leverage this vulnerability to send malicious messages to other users in order to steal session cookies and launch client-side attacks...

Cross site scripting

Ipswitch MoveIt v8.1 is vulnerable to a Stored Cross-Site Scripting XSS vulnerability, as demonstrated by human.aspx. Attackers can leverage this vulnerability to send malicious messages to other users in order to steal session cookies and launch client-side attacks...

CVE-2018-6545

Ipswitch MoveIt v8.1 is vulnerable to a Stored Cross-Site Scripting XSS vulnerability, as demonstrated by human.aspx. Attackers can leverage this vulnerability to send malicious messages to other users in order to steal session cookies and launch client-side attacks...

CVE-2018-6545

Ipswitch MoveIt v8.1 is vulnerable to a Stored Cross-Site Scripting (XSS) flaw (evidence references human.aspx). The vulnerability could allow attackers to deliver malicious messages to other MoveIt users, potentially stealing session cookies and enabling client-side attacks. The available connec...

CVE-2018-6545

Ipswitch MoveIt v8.1 is vulnerable to a Stored Cross-Site Scripting XSS vulnerability, as demonstrated by human.aspx. Attackers can leverage this vulnerability to send malicious messages to other users in order to steal session cookies and launch client-side attacks...

IPSwitch MOVEit 8.1 9.4 - Cross-Site Scripting

IPSwitch MOVEit 8.1 9.4 - Cross-Site Scripting Exploit Title: IPSwitch MoveIt Stored Cross Site Scripting XSS Date: 1-31-2017 Software Link: https://www.ipswitch.com/moveit Affected Version: 8.1-9.4 only confirmed on 8.1 but other versions prior to 9.5 may also be vulnerable Exploit Author:...

IPSwitch MOVEit 8.1 < 9.4 - Cross-Site Scripting

Exploit Title: IPSwitch MoveIt Stored Cross Site Scripting XSS Date: 1-31-2017 Software Link: https://www.ipswitch.com/moveit Affected Version: 8.1-9.4 only confirmed on 8.1 but other versions prior to 9.5 may also be vulnerable Exploit Author: 1N3@CrowdShield - https://crowdshield.com Early...

IPSwitch MoveIt 9.4 Cross Site Scripting Vulnerability

Exploit for asp platform in category web applications Exploit Title: IPSwitch MoveIt Stored Cross Site Scripting XSS Software Link: https://www.ipswitch.com/moveit Affected Version: 8.1-9.4 only confirmed on 8.1 but other versions prior to 9.5 may also be vulnerable Exploit Author: email protecte...

IPSwitch MoveIt 9.4 Cross Site Scripting

Exploit Title: IPSwitch MoveIt Stored Cross Site Scripting XSS Date: 1-31-2017 Software Link: https://www.ipswitch.com/moveit Affected Version: 8.1-9.4 only confirmed on 8.1 but other versions prior to 9.5 may also be vulnerable Exploit Author: 1N3@CrowdShield - https://crowdshield.com Early...

Ipswitch MOVEit Transfer Security Bypass Vulnerability

Ipswitch MOVEit Transfer formerly DMZ an automated file transfer system from Ipswitch USA. The system supports the control, management, and viewing of all business-critical file transfer activities through a single, secure system. A security bypass vulnerability exists in Ipswitch MOVEit Transfer...

CVE-2017-6195

Ipswitch MOVEit Transfer formerly DMZ allows pre-authentication blind SQL injection. The fixed versions are MOVEit Transfer 2017 9.0.0.201, MOVEit DMZ 8.3.0.30, and MOVEit DMZ 8.2.0.20...

Sql injection

Ipswitch MOVEit Transfer formerly DMZ allows pre-authentication blind SQL injection. The fixed versions are MOVEit Transfer 2017 9.0.0.201, MOVEit DMZ 8.3.0.30, and MOVEit DMZ 8.2.0.20...

CVE-2017-6195

Ipswitch MOVEit Transfer formerly DMZ allows pre-authentication blind SQL injection. The fixed versions are MOVEit Transfer 2017 9.0.0.201, MOVEit DMZ 8.3.0.30, and MOVEit DMZ 8.2.0.20...

CVE-2017-6195

Ipswitch MOVEit Transfer formerly DMZ allows pre-authentication blind SQL injection. The fixed versions are MOVEit Transfer 2017 9.0.0.201, MOVEit DMZ 8.3.0.30, and MOVEit DMZ 8.2.0.20...

CVE-2017-6195

CVE-2017-6195 concerns pre-authentication blind SQL injection in Ipswitch MOVEit Transfer (now Progress MOVEit Transfer) and MOVEit DMZ. Affected products include MOVEit Transfer (2017) and MOVEit DMZ, with fixed versions MOVEit Transfer 2017 9.0.0.201, MOVEit DMZ 8.3.0.30, and MOVEit DMZ 8.2.0.2...

Ipswitch MOVEit File Transfer Cross-Site Scripting Vulnerability

Ipswitch MOVEit File Transfer formerly known as DMZ an automated file transfer system from the US company Ipswitch. A cross-site scripting vulnerability exists in Ipswitch MOVEit File Transfer 8.1 and earlier versions, which can be exploited by remote attackers to conduct cross-site scripting...

CVE-2015-7676

Ipswitch MOVEit File Transfer formerly DMZ 8.1 and earlier, when configured to support file view on download, allows remote authenticated users to conduct cross-site scripting XSS attacks by uploading HTML files...

Cross site scripting

Ipswitch MOVEit File Transfer formerly DMZ 8.1 and earlier, when configured to support file view on download, allows remote authenticated users to conduct cross-site scripting XSS attacks by uploading HTML files...