Progress Software MOVEit Transfer UserProcessPassChangeRequest SQL Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Progress Software MOVEit Transfer. Authentication is not required to exploit this vulnerability. The specific flaw exists within the human.aspx endpoint. A crafted request can trigger execution of SQ...

CVE-2018-6545

Ipswitch MoveIt v8.1 is vulnerable to a Stored Cross-Site Scripting XSS vulnerability, as demonstrated by human.aspx. Attackers can leverage this vulnerability to send malicious messages to other users in order to steal session cookies and launch client-side attacks...

CVE-2018-6545

Ipswitch MoveIt v8.1 is vulnerable to a Stored Cross-Site Scripting XSS vulnerability, as demonstrated by human.aspx. Attackers can leverage this vulnerability to send malicious messages to other users in order to steal session cookies and launch client-side attacks...

CVE-2018-6545

Ipswitch MoveIt v8.1 is vulnerable to a Stored Cross-Site Scripting XSS vulnerability, as demonstrated by human.aspx. Attackers can leverage this vulnerability to send malicious messages to other users in order to steal session cookies and launch client-side attacks...

Ipswitch MOVEit DMZ and MOVEit Mobile File Read Vulnerabilities

Ipswitch MOVEit is an automated file transfer system from Ipswitch USA. DMZ and Mobile are among the versions. Ipswitch MOVEit DMZ and MOVEit Mobile have a security vulnerability in the 'Send as attachment' function due to the mobile/sendMsg URI failing to adequately filter the ' serverFileIds'...