EUVD-2014-2384

Malware in sbrugna...

xds.amtelco.com XSS vulnerability

Vulnerable URL: http://www.xds.amtelco.com/registration.asp?redirect=%22%3E%3Csvg/onload=prompt%28/XSSPOSED/%29%3E Details: Description| Value ---|--- Patched:| Yes, at 26.07.2017 Latest check for patch:| 26.07.2017 11:28 GMT Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alex...

CVE-2014-2347

Amtelco miSecureMessages aka MSM 6.2 does not properly manage sessions, which allows remote authenticated users to obtain sensitive information via a modified message request...

Design/Logic Flaw

Amtelco miSecureMessages aka MSM 6.2 does not properly manage sessions, which allows remote authenticated users to obtain sensitive information via a modified message request...

CVE-2014-2347

Amtelco miSecureMessages (MSM) Version 6.2 is affected by insufficient session management that can let remote authenticated users retrieve sensitive message contents via a modified message request. The vulnerability exposes PIIs and is exploitable remotely; publicly available exploits are noted i...

CVE-2014-2347 AMTELCO miSecure Information Exposure

Amtelco miSecureMessages aka MSM 6.2 does not properly manage sessions, which allows remote authenticated users to obtain sensitive information via a modified message request...

miSecureMessages 4.0.1 - Session Management & Authentication Bypass Vulnerabilities

Exploit for php platform in category web applications Affected Product ================================== miSecureMessages from Amtelco - Tested on version: Client=4.0.1 Server=6.2.4552.30017 iOS: https://itunes.apple.com/us/app/misecuremessages/id423957478?mt=8 android:...

miSecureMessages 4.0.1 - Session Management Authentication Bypass

miSecureMessages 4.0.1 - Session Management Authentication Bypass Affected Product ================================== miSecureMessages from Amtelco - Tested on version: Client=4.0.1 Server=6.2.4552.30017 iOS: https://itunes.apple.com/us/app/misecuremessages/id423957478?mt=8 android:...

Amtelco miSecureMessages未授权访问漏洞

Bugtraq ID:66795 CVE ID:CVE-2014-0357 Amtelco miSecureMessages是一个可用于多个移动设备上的对消息进行加密的应用。 Amtelco miSecureMessages对用户消息访问缺少正确的验证，攻击者可在XML请求中提供contactID和合法许可证键值，就可以访问任意用户消息。 0 Amtelco miSecureMessages 目前没有详细解决方案： https://misecuremessages.com/...

Amtelco miSecureMessages未授权访问漏洞

Bugtraq ID:66795 CVE ID:CVE-2014-0357 Amtelco miSecureMessages是一个可用于多个移动设备上的对消息进行加密的应用。 Amtelco miSecureMessages对用户消息访问缺少正确的验证，攻击者可在XML请求中提供contactID和合法许可证键值，就可以访问任意用户消息。 0 Amtelco miSecureMessages 目前没有详细解决方案： https://misecuremessages.com/...

CVE-2014-0357

Amtelco miSecureMessages allows remote attackers to read the messages of arbitrary users via an XML request containing a valid license key and a modified contactID value, as demonstrated by a request from the iOS or Android application...

CVE-2014-0357

Amtelco miSecureMessages (Server Release 6.2) suffers an authentication/authorization weakness that allows remote attackers to read arbitrary user messages by sending an XML request containing a valid license key and a modified contactID value. The root cause is insufficient authentication/sessio...

AMTELCO miSecure Vulnerabilities

OVERVIEW Researcher Jared Bird of Allina Health reported multiple vulnerabilities in the AMTELCO miSecureMessage MSM medical messaging system. AMTELCO has an update available to all customers that mitigates the vulnerabilities. The vulnerabilities were discovered during cooperative testing betwee...