IRCCloud: Bug in iOS application which could lead to unauthorised access.

Hi, The file under the Preferences folder within the iOS application stores sensitive information: com.irccloud.IRCCloud.plist. This file stores the user's authenticated session identifier. Stealing this information would allow unauthorised access to a user's account. The content of the file can ...

PhotoWIFI Lite v1.0 iOS - Multiple Web Vulnerabilities

Document Title: =============== PhotoWIFI Lite v1.0 iOS - Multiple Web Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1239 Release Date: ============= 2014-03-27 Vulnerability Laboratory ID VL-ID: ==================================== 123...

ePhone Disk 1.0.2 iOS - Multiple Vulnerabilities

ePhone Disk 1.0.2 iOS - Multiple Vulnerabilities Document Title: =============== ePhone Disk v1.0.2 iOS - Multiple Web Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1230 Release Date: ============= 2014-03-25 Vulnerability Laboratory ID...

Private Camera Pro 5.0 iOS - Multiple Vulnerabilities

Exploit for hardware platform in category web applications Document Title: =============== Private Camera Pro v5.0 iOS - Multiple Web Vulnerabilities Product & Service Introduction: =============================== Private Camera is an iPhone and iPad camera app that could protect your privacy. It...

[DVIA] Damn Vulnerable iOS Application

.png Damn Vulnerable iOS App DVIA is an iOS application that is damn vulnerable. Its main goal is to provide a platform to mobile security enthusiasts/professionals or students to test their iOS penetration testing skills in a legal environment. This application covers all the common...

WiFi Camera Roll 1.2 iOS - Multiple Vulnerabilities

Document Title: =============== WiFi Camera Roll v1.2 iOS - Multiple Web Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1192 Release Date: ============= 2014-02-08 Vulnerability Laboratory ID VL-ID: ====================================...

Feetan Inc WireShare 1.9.1 iOS - Persistent

Feetan Inc WireShare 1.9.1 iOS - Persistent Document Title: =============== Feetan Inc WireShare v1.9.1 iOS - Persistent Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1157 Release Date: ============= 2013-12-05 Vulnerability Laboratory ID...

CVE-2013-3921

Directory traversal vulnerability in Easytime Studio Easy File Manager 1.1 for iOS allows remote attackers to read arbitrary files via a ..%2f encoded dot dot slash to the default URI...

Bluetooth U v1.2.0 iOS - Directory Traversal Vulnerability

Document Title: =============== Bluetooth U v1.2.0 iOS - Directory Traversal Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1111 Release Date: ============= 2013-10-15 Vulnerability Laboratory ID VL-ID: ====================================...

Good for Enterprise 2.2.2.1611 - Cross-Site Scripting

Good for Enterprise 2.2.2.1611 - Cross-Site Scripting The vulnerable versions are v2.2.2.1611 and earlier Proof of Concept: HTML Email including the following payload will execute Javascript statements when the victim open the email using the vulnerable version. Payload: alert'XSS Here'...

Good for Enterprise 2.2.2.1611 - XSS Vulnerability

Exploit for hardware platform in category web applications The vulnerable versions are v2.2.2.1611 and earlier Proof of Concept: HTML Email including the following payload will execute Javascript statements when the victim open the email using the vulnerable version. Payload: alert'XSS Here'...

Good For Enterprise 2.2.2.1611 Cross Site Scripting

Hello, Last month I identified a XSS vulnerability in the Good for Enterprise iOS application. The vulnerable versions are v2.2.2.1611 and earlier Proof of Concept: HTML Email including the following payload will execute Javascript statements when the victim open the email using the vulnerable...

WebDisk 3.0.2 PhotoViewer iOS Command Execution

Title: ====== WebDisk 3.0.2 PhotoViewer iOS - Command Execution Vulnerability Date: ===== 2013-07-27 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=1035 VL-ID: ===== 1035 Common Vulnerability Scoring System: ==================================== 8.8 Introduction:...

Photo Server 2.0 Shell Upload / Command Injection

Title: ====== Photo Server 2.0 iOS - Multiple Critical Vulnerabilities Date: ===== 2013-07-23 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=1029 VL-ID: ===== 1029 Common Vulnerability Scoring System: ==================================== 8.6 Introduction: =============...

FTP Sprite v1.2.1 iOS - Persistent Web Vulnerability

Document Title: =============== FTP Sprite v1.2.1 iOS - Persistent Web Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1007 Release Date: ============= 2013-07-11 Vulnerability Laboratory ID VL-ID: ==================================== 1007...

iGet Sharp v1.1.2 iOS - Multiple Web Vulnerabilities

Document Title: =============== iGet Sharp v1.1.2 iOS - Multiple Web Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=991 Release Date: ============= 2013-06-29 Vulnerability Laboratory ID VL-ID: ==================================== 991...

File via Wifi v1.3.0 iOS - Multiple Web Vulnerabilities

Document Title: =============== File via Wifi v1.3.0 iOS - Multiple Web Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=990 Release Date: ============= 2013-06-27 Vulnerability Laboratory ID VL-ID: ==================================== 990...

Mobile USB Drive HD 1.2 - Arbitrary File Upload Vulnerability

Document Title: =============== Mobile USB Drive HD 1.2 - Arbitrary File Upload Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=989 Release Date: ============= 2013-06-26 Vulnerability Laboratory ID VL-ID: ==================================...

Bluetooth Chat Connect v1.0 iOS - Multiple Vulnerabilities

Document Title: =============== Bluetooth Chat Connect v1.0 iOS - Multiple Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=960 Release Date: ============= 2013-05-31 Vulnerability Laboratory ID VL-ID: ====================================...

CVE-2013-0128

The Contact Customer Support feature in the TigerText Free Private Texting app before 3.1.402 for iOS sends a log-file e-mail message with unencrypted credentials, which allows remote attackers to obtain sensitive information by sniffing the network or leveraging access to an e-mail endpoint...