EUVD-2015-2274

Malware in sbrugna...

EUVD-2015-2276

Malware in sbrugna...

Multiple Cross-Site Scripting Vulnerabilities in Ericsson Drutt Mobile Service Delivery Platform

Ericsson Drutt Mobile Service Delivery Platform is a business support system for Service Delivery Platforms SDPs for on-site and off-portal services from Ericsson, Sweden. Multiple cross-site scripting vulnerabilities exist in Ericsson Drutt Mobile Service Delivery Platform 4, 5, and 6, which cou...

Ericsson Drutt Mobile Service Delivery Platform Directory Traversal Vulnerability

Ericsson Drutt Mobile Service Delivery Platform MSDP is a business support system from Ericsson, Sweden, that supports Service Delivery Platforms SDPs for on-site and off-portal services. A directory traversal vulnerability exists in Instance Monitor in Ericsson Drutt MSDP. A remote attacker coul...

Ericsson Drutt Mobile Service Delivery Platform Open Redirect Vulnerability

Ericsson Drutt Mobile Service Delivery Platform MSDP is a business support system from Ericsson, Sweden, that supports Service Delivery Platforms SDPs for on-site and off-portal services. An open redirection vulnerability exists in the 3PI Manager of the Ericsson Drutt MSDP, which stems from the...

CVE-2015-2167

Open redirect vulnerability in the 3PI Manager in Ericsson Drutt Mobile Service Delivery Platform MSDP 4, 5, and 6 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the url parameter to jsp/start-3pi-manager.jsp...

CVE-2015-2166

Directory traversal vulnerability in the Instance Monitor in Ericsson Drutt Mobile Service Delivery Platform MSDP 4, 5, and 6 allows remote attackers to read arbitrary files via a ..%2f dot dot encoded slash in the default URI...

CVE-2015-2165

Multiple cross-site scripting XSS vulnerabilities in the Report Viewer in Ericsson Drutt Mobile Service Delivery Platform MSDP 4.x, 5.x, and 6.x allow remote attackers to inject arbitrary web script or HTML via the 1 portal, 2 fromDate, 3 toDate, 4 fromTime, 5 toTime, 6 kword, 7 uname, 8 pname, 9...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in the Report Viewer in Ericsson Drutt Mobile Service Delivery Platform MSDP 4.x, 5.x, and 6.x allow remote attackers to inject arbitrary web script or HTML via the 1 portal, 2 fromDate, 3 toDate, 4 fromTime, 5 toTime, 6 kword, 7 uname, 8 pname, 9...

Directory traversal

Directory traversal vulnerability in the Instance Monitor in Ericsson Drutt Mobile Service Delivery Platform MSDP 4, 5, and 6 allows remote attackers to read arbitrary files via a ..%2f dot dot encoded slash in the default URI...

Open redirect

Open redirect vulnerability in the 3PI Manager in Ericsson Drutt Mobile Service Delivery Platform MSDP 4, 5, and 6 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the url parameter to jsp/start-3pi-manager.jsp...

CVE-2015-2167

Summary: CVE-2015-2167 is an open redirect vulnerability in Ericsson Drutt MSDP 3PI Manager (versions 4, 5, and 6). The issue arises from inadequate filtering of the url parameter in jsp/start-3pi-manager.jsp, enabling remote attackers to redirect users to arbitrary sites and potentially facilita...

CVE-2015-2165

CVE-2015-2165 covers multiple stored/reflected XSS flaws in Ericsson Drutt MSDP Report Viewer (versions 4.x–6.x). The vulnerabilities allow remote attackers to inject arbitrary script/HTML via a large set of parameters across various JSP pages (top-links.jsp, page-summary.jsp, service-summary.jsp...

CVE-2015-2166

Directory traversal vulnerability in the Instance Monitor in Ericsson Drutt Mobile Service Delivery Platform MSDP 4, 5, and 6 allows remote attackers to read arbitrary files via a ..%2f dot dot encoded slash in the default URI...

CVE-2015-2166

Ericsson Drutt Mobile Service Delivery Platform (MSDP) has a Local File Inclusion vulnerability in the Instance Monitor affecting versions 4–6. The flaw lets remote attackers read arbitrary files via a dot-dot-encoded slash (..%2f) in the default URI, enabling information disclosure. Root cause i...

CVE-2015-2165

Multiple cross-site scripting XSS vulnerabilities in the Report Viewer in Ericsson Drutt Mobile Service Delivery Platform MSDP 4.x, 5.x, and 6.x allow remote attackers to inject arbitrary web script or HTML via the 1 portal, 2 fromDate, 3 toDate, 4 fromTime, 5 toTime, 6 kword, 7 uname, 8 pname, 9...

Ericsson Drutt MSDP (Instance Monitor) - Directory Traversal

Ericsson Drutt MSDP Instance Monitor - Directory Traversal +------------------------------------------------------------------------------------------------------+ + Ericsson Drutt MSDP Instance Monitor - Directory Traversal Vulnerability and Arbitrary File Access +...

Ericsson Drutt MSDP (Instance Monitor) - Directory Traversal Vulnerability

Exploit for php platform in category web applications +------------------------------------------------------------------------------------------------------+ + Ericsson Drutt MSDP Instance Monitor - Directory Traversal Vulnerability and Arbitrary File Access +...

Ericsson Drutt MSDP (Instance Monitor) - Directory Traversal

+------------------------------------------------------------------------------------------------------+ + Ericsson Drutt MSDP Instance Monitor - Directory Traversal Vulnerability and Arbitrary File Access +...

Ericsson Drutt MSDP (Instance Monitor) Directory Traversal / File Access

+------------------------------------------------------------------------------------------------------+ + Ericsson Drutt MSDP Instance Monitor - Directory Traversal Vulnerability and Arbitrary File Access +...