59 matches found
EUVD-2015-4185
Malware in sbrugna...
EUVD-2015-2904
Malware in sbrugna...
EUVD-2015-6601
Malware in sbrugna...
EUVD-2015-3492
Malware in sbrugna...
EUVD-2015-4117
Malware in sbrugna...
EUVD-2015-2908
Malware in sbrugna...
EUVD-2015-8627
Malware in sbrugna...
SAP Afaria Security Bypass Vulnerability
SAP Afaria is a mobile device management solution from SAP. SAP Afaria suffers from a security vulnerability that allows a remote attacker to bypass authentication checks, wipe information or lock a mobile device by sending a specially crafted request...
CVE-2015-8753
SAP Afaria 7.0.6001.5 allows remote attackers to bypass authorization checks and wipe or lock mobile devices via a crafted request, related to "Insecure signature," aka SAP Security Note 2134905...
Authorization
SAP Afaria 7.0.6001.5 allows remote attackers to bypass authorization checks and wipe or lock mobile devices via a crafted request, related to "Insecure signature," aka SAP Security Note 2134905...
CVE-2015-8753
SAP Afaria 7.0.6001.5 allows remote attackers to bypass authorization checks and wipe or lock mobile devices via a crafted request, related to "Insecure signature," aka SAP Security Note 2134905...
CVE-2015-8753
The CVE concerns SAP Afaria 7.0.6001.5, where a crafted request allows remote attackers to bypass authorization and wipe or lock mobile devices. The issue is described as related to an
SAP Afaria - Authorization bypass, Insecure signature
Application: SAP Afaria 7.0.6001.5 Vendor URL: http://www.sap.com Bugs: Authorization bypass Reported: 12.03.2015 Vendor response: 13.03.2015 Date of Public Advisory: 12.05.2015 Reference: SAP Security Note 2134905 Authors: Dmitry Chastukhin ERPScan Description An anonymous attacker can spoof a...
SAP Afaria 7 Cross Site Scripting Vulnerability
SAP Afaria version 7 suffers from a stored cross site scripting vulnerability. Application: SAP Afaria Versions Affected: SAP Afaria 7, probably others Vendor URL: http://SAP.com Bugs: Stored XSS Send: 18.02.2015 Reported: 18.02.2015 Vendor response: 18.02.2015 Date of Public Advisory: 11.08.2015...
MDM the mobile terminal management system of the SAP Afaria stored XSS vulnerability using process-vulnerability warning-the black bar safety net
Here, will demo on SAP Afaria, a world-renowned MDM mobile terminal management software for the vulnerability analysis,while the analysis of the network how could an attacker exploit the vulnerability to attack. The black bar safety net Wikipedia: what is MDM? In short, MDM is to help...
SAP Afaria product exposed a series of serious vulnerabilities that affect a large number of mobile device-bug warning-the black bar safety net
Afaria is the German SAP software company developed a mobile device management MDM solutions that are currently on the market the most popular MDM solutions, there are about 6 3 0 0 a enterprise which manages 1 billion 3 0 0 million of the mobile device. ERPScan is specifically responsible for th...
SAP Afaria Device Inspector Page Cross-Site Scripting Vulnerability
SAP Afaria is a mobile device management solution from SAP. The solution supports the effective management of mobile devices, applications, and data lifecycles and ensures their security during transmission and storage. A cross-site scripting vulnerability exists in the Client form in the Device...
CVE-2015-6663
Cross-site scripting XSS vulnerability in the Client form in the Device Inspector page in SAP Afaria 7 allows remote attackers to inject arbitrary web script or HTML via crafted client name data, aka SAP Security Note 2152669...
Cross site scripting
Cross-site scripting XSS vulnerability in the Client form in the Device Inspector page in SAP Afaria 7 allows remote attackers to inject arbitrary web script or HTML via crafted client name data, aka SAP Security Note 2152669...
CVE-2015-6663
CVE-2015-6663 is a stored XSS vulnerability in SAP Afaria 7 affecting the Device Inspector page, specifically the Client form. The issue arises because the Client name field data is inserted into the page without proper escaping, enabling an attacker to inject arbitrary script via crafted data. T...