14 matches found
EUVD-2014-6614
Malware in sbrugna...
EUVD-2010-3312
Malware in sbrugna...
From MostereRAT to ClickFix: New Malware Campaigns Highlight Rising AI and Phishing Risks
Cybersecurity researchers have disclosed details of a phishing campaign that delivers a stealthy banking malware-turned-remote access trojan called MostereRAT. The phishing attack incorporates a number of advanced evasion techniques to gain complete control over compromised systems, siphon...
VulnCheck KEV: CVE-2010-3313
phpgwapi/js/fckeditor/editor/dialog/fckspellerpages/spellerpages/serverscripts/spellchecker.php in EGroupware 1.4.001+.002; 1.6.001+.002 and possibly other versions before 1.6.003; and EPL 9.1 before 9.1.20100309 and 9.2 before 9.2.20100309; allows remote attackers to execute arbitrary...
EPL digileht - veebipõhine - Customized SSL, WebView code execution vulnerabilities
HackApp vulnerability scanner discovered that application EPL digileht - veebipõhine published at the 'play' market has multiple vulnerabilities...
CVE-2014-6736
The EPL Hat Trick aka com.hat.trick.goal application 1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...
Information disclosure
The EPL Hat Trick aka com.hat.trick.goal application 1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...
CVE-2014-6736
The EPL Hat Trick aka com.hat.trick.goal application 1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...
CVE-2014-6736
The EPL Hat Trick (com.hat.trick.goal) Android app 1.0 does not verify X.509 certificates from SSL servers, allowing MITM attackers to spoof servers and obtain sensitive information via a crafted certificate. No remediation details are provided in the given documents; CVSS/impact data from NVD in...
CVE-2011-4951
Open redirect vulnerability in phpgwapi/ntlm/index.php in EGroupware Enterprise Line EPL before 11.1.20110804-1 and EGroupware Community Edition before 1.8.001.20110805 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the forward parameter...
CVE-2011-4949
The CVE-2011-4949 entry concerns an SQL injection in EGroupware’s web UI: phpgwapi/js/dhtmlxtree/samples/with_db/loaddetails.php. Affected are EGroupware Enterprise Line (EPL) prior to 11.1.20110804-1 and EGroupware Community Edition prior to 1.8.001.20110805. The vulnerability allows remote atta...
CVE-2011-4948
CVE-2011-4948 is a directory traversal vulnerability in EGroupware’s admin/remote.php. Affected products are EGroupware Enterprise Line (EPL) prior to 11.1.20110804-1 and EGroupware Community Edition prior to 1.8.001.20110805. The issue allows remote attackers to read arbitrary files by supplying...
eGroupware Premium Line v9.1 - SQL Injection Vulnerability
Document Title: =============== eGroupware Premium Line v9.1 - SQL Injection Vulnerability Release Date: ============= 2011-07-17 Vulnerability Laboratory ID VL-ID: ==================================== 81 Product & Service Introduction: =============================== EPL is the professional choi...
Code injection
phpgwapi/js/fckeditor/editor/dialog/fckspellerpages/spellerpages/serverscripts/spellchecker.php in EGroupware 1.4.001+.002; 1.6.001+.002 and possibly other versions before 1.6.003; and EPL 9.1 before 9.1.20100309 and 9.2 before 9.2.20100309; allows remote attackers to execute arbitrary commands v...