CVE-2019-5627

The iOS mobile application BlueCats Reveal before 5.14 stores the username and password in the app cache as base64 encoded strings, i.e. clear text. These persist in the cache even if the user logs out. This can allow an attacker to compromise the affected BlueCats network implementation. The...

Photos in Wifi 1.0.1 - Path Traversal

Document Title: =============== Photos in Wifi 1.0.1 iOS - Path Traversal Web Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1600 Release Date: ============= 2018-01-04 Vulnerability Laboratory ID VL-ID: ===================================...

Super File Explorer 1.0.1 - File Upload Web Vulnerability

Document Title: =============== Super File Explorer 1.0.1 - File Upload Web Vulnerability References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2034 Release Date: ============= 2017-02-23 Vulnerability Laboratory ID VL-ID: ====================================...

Device Inspector 1.5 Command Injection

Document Title: =============== Device Inspector v1.5 iOS - Command Inject Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1558 Release Date: ============= 2015-08-07 Vulnerability Laboratory ID VL-ID: ====================================...

Linkus Photo Manager Pro 4.4.0 Code Execution

Document Title: =============== Photo Manager Pro 4.4.0 iOS - Code Execution Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1444 Release Date: ============= 2015-03-10 Vulnerability Laboratory ID VL-ID: ====================================...

Wifi Drive Pro 1.2 Local File Inclusion

Document Title: =============== Wifi Drive Pro v1.2 iOS - File Include Web Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1447 Release Date: ============= 2015-03-13 Vulnerability Laboratory ID VL-ID: ====================================...

Authentication Flaw in PayPal mobile API Allows Access to Blocked Accounts

.jpg Payment services provider PayPal is vulnerable to an authentication restriction bypass vulnerability, which could allow an attacker to bypass a filter or restriction of the online-service to get unauthorized access to a blocked users’ PayPal account. The security vulnerability actually resid...

Video WiFi Transfer 1.01 - Directory Traversal Vulnerability

Document Title: =============== Video WiFi Transfer 1.01 - Directory Traversal Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1288 Release Date: ============= 2014-08-01 Vulnerability Laboratory ID VL-ID: ==================================...

AppFish Offline Coder v2.2 iOS - Persistent Vulnerability

Document Title: =============== AppFish Offline Coder v2.2 iOS - Persistent Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1252 Release Date: ============= 2014-04-07 Vulnerability Laboratory ID VL-ID: ====================================...

Vanctech File Commander 1.1 LFI / File Upload

Document Title: =============== Vanctech File Commander 1.1 iOS - Multiple Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1235 Release Date: ============= 2014-03-28 Vulnerability Laboratory ID VL-ID: ====================================...

mbDriveHD 1.0.7 iOS - Multiple Vulnerabilities

Document Title: =============== mbDriveHD v1.0.7 iOS - Multiple Web Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1198 Release Date: ============= 2014-02-14 Vulnerability Laboratory ID VL-ID: ==================================== 1198...

jDisk (stickto) v2.0.3 iOS - Multiple Web Vulnerabilities

Document Title: =============== jDisk stickto v2.0.3 iOS - Multiple Web Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1196 Release Date: ============= 2014-02-11 Vulnerability Laboratory ID VL-ID: ==================================== 11...

ZippyYum 3.4 Insecure Data Storage

Title: CVE-2013-6986 Insecure Data Storage in Subway Ordering for California ZippyYum 3.4 iOS mobile application Published: DATE Reported to Vendor: May 2013 CVE Reference: CVE-2013-6986 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6986 CVSS v2 Base Score: 4.9 CVSS v2 Vector...

Stem Innovation ‘IZON’ Hard-coded Credentials (CVE-2013-6236)

Stem Innovation ‘IZON’ Hard-coded Credentials CVE-2013-6236 Mark Stanislav - [email protected] I. DESCRIPTION --------------------------------------- Stem Innovation's IP camera called ‘IZON’ utilizes numerous hard-coded credentials within its Linux distribution and also the hidden web...

Stem Innovation - 'IZON' Hard-Coded Credentials

Stem Innovation ‘IZON’ Hard-coded Credentials CVE-2013-6236 Mark Stanislav - [email protected] I. DESCRIPTION --------------------------------------- Stem Innovation's IP camera called ‘IZON’ utilizes numerous hard-coded credentials within its Linux distribution and also the hidden web...