Lucene search
K

4 matches found

Tenable Nessus
Tenable Nessus
added 2016/03/25 12:0 a.m.76 views

Ipswitch MOVEit DMZ < 8.2 Multiple Vulnerabilities

The version of Ipswitch MOVEit DMZ installed on the remote host is prior to 8.2. It is, therefore, affected by multiple vulnerabilities : - A flaw exists in the Send as Attachment feature due to improper sanitization of user-supplied input to the 'serverFileIds' parameter of mobile/sendMsg and th...

6.5CVSS5.8AI score0.03111EPSS
Exploits5References5
NVD
NVD
added 2016/02/10 3:59 p.m.25 views

CVE-2015-7677

The MOVEitISAPI service in Ipswitch MOVEit DMZ before 8.2 provides different error messages depending on whether a FileID exists, which allows remote authenticated users to enumerate FileIDs via the X-siLock-FileID parameter in a download action to MOVEitISAPI/MOVEitISAPI.dll...

4.3CVSS4.8AI score0.02954EPSS
Exploits2References4
CVE
CVE
added 2016/02/10 3:0 p.m.64 views

CVE-2015-7677

CVE-2015-7677 affects Ipswitch MOVEit DMZ (before 8.2) via the MOVEitISAPI service. The issue exposes information disclosure: remote authenticated users can enumerate FileIDs by sending a request to MOVEitISAPI/MOVEitISAPI.dll using the X-siLock-FileID parameter in a download action, taking advan...

4.3CVSS4.3AI score0.02954EPSS
Exploits2References4Affected Software1
Packet Storm
Packet Storm
added 2016/01/28 12:0 a.m.113 views

Ipswitch MOVEit DMZ 8.1 File ID Enumeration

Profundis Labs - Security Advisory Vulnerablity Title ================== A security issue in MOVEit application allows the enumeration of existing FileIDs CVE-2015-7677 Vendor: ======= Ipswitch, Inc http://www.ipswitchft.com Product: ======== MOVEit File Transfer MOVEit is an automated file...

4CVSS5.5AI score0.03111EPSS
Exploits3
Rows per page
Query Builder