12 matches found
EUVD-2017-7415
Malware in sbrugna...
EUVD-2017-7413
Malware in sbrugna...
CVE-2017-15998
In the "NQ Contacts Backup & Restore" application 1.1 for Android, DES encryption with a static key is used to secure transmitted contact data. This makes it easier for remote attackers to obtain cleartext information by sniffing the network...
CVE-2017-15999
In the "NQ Contacts Backup & Restore" application 1.1 for Android, no HTTPS is used for transmitting login and synced user data. When logging in, the username is transmitted in cleartext along with an SHA-1 hash of the password. The attacker can either crack this hash or use it for further attack...
CVE-2017-15997
In the "NQ Contacts Backup & Restore" application 1.1 for Android, RC4 encryption is used to secure the user password locally stored in shared preferences. Because there is a static RC4 key, an attacker can gain access to user credentials more easily by leveraging access to the preferences XML fi...
NQ Contacts Backup&Restore Access Gain Vulnerability
NQ Contacts Backup&Restore application for Android is a set of data backup and recovery software based on Android platform. A security vulnerability exists in version 1.1 of the NQ Contacts Backup&Restore application for Android, which originates from the program's use of an RC4 static key. The...
CVE-2017-15998
The CVE concerns the Android app NQ Contacts Backup & Restore version 1.1, which uses DES encryption with a static key to protect transmitted contact data. This practice can allow remote attackers to obtain plaintext data by sniffing network traffic, representing a confidentiality impact describe...
CVE-2017-15997
In the "NQ Contacts Backup & Restore" application 1.1 for Android, RC4 encryption is used to secure the user password locally stored in shared preferences. Because there is a static RC4 key, an attacker can gain access to user credentials more easily by leveraging access to the preferences XML fi...
CVE-2017-15999
CVE-2017-15999 affects the Android app NQ Contacts Backup & Restore (version 1.1). The root issue is transmission of credentials without HTTPS: during login, the username is sent in cleartext together with an SHA-1 hash of the password. This enables an attacker to crack the password hash or reuse...
Simpler Contacts Backup - Customized SSL, Redefined SSL Common Names verifier, WebView code execution vulnerabilities
HackApp vulnerability scanner discovered that application Simpler Contacts Backup published at the 'play' market has multiple vulnerabilities...
My Contacts Backup Pro 2.0.1 IOS - Command Inject Vulnerability & Cross Site Scripting Vulnerabi
Exploit for iOS platform in category local exploits Document Title: =============== My Contacts Backup Pro 2.0.1 IOS - Command Inject Vulnerability & Cross Site Scripting Credits & Authors: ================== TaurusOmar - @TaurusOmar email protected taurusomar.blogspot.com Release Date:...
My Contacts Backup Pro 2.0.1 Command Injection / XSS
Document Title: =============== My Contacts Backup Pro 2.0.1 IOS - Command Inject Vulnerability & Cross Site Scripting Credits & Authors: ================== TaurusOmar - @TaurusOmar [email protected] taurusomar.blogspot.com Release Date: ============= 2015-08-11 Product & Service Introductio...