13 matches found
EUVD-2014-2384
Malware in sbrugna...
miSecureMessages 4.0.1 - Session Management & Authentication Bypass Vulnerabilities
No description provided by source...
CVE-2014-2347
Amtelco miSecureMessages aka MSM 6.2 does not properly manage sessions, which allows remote authenticated users to obtain sensitive information via a modified message request...
Design/Logic Flaw
Amtelco miSecureMessages aka MSM 6.2 does not properly manage sessions, which allows remote authenticated users to obtain sensitive information via a modified message request...
CVE-2014-2347
Amtelco miSecureMessages (MSM) Version 6.2 is affected by insufficient session management that can let remote authenticated users retrieve sensitive message contents via a modified message request. The vulnerability exposes PIIs and is exploitable remotely; publicly available exploits are noted i...
CVE-2014-2347 AMTELCO miSecure Information Exposure
Amtelco miSecureMessages aka MSM 6.2 does not properly manage sessions, which allows remote authenticated users to obtain sensitive information via a modified message request...
miSecureMessages 4.0.1 - Session Management & Authentication Bypass Vulnerabilities
Exploit for php platform in category web applications Affected Product ================================== miSecureMessages from Amtelco - Tested on version: Client=4.0.1 Server=6.2.4552.30017 iOS: https://itunes.apple.com/us/app/misecuremessages/id423957478?mt=8 android:...
miSecureMessages 4.0.1 - Session Management Authentication Bypass
miSecureMessages 4.0.1 - Session Management Authentication Bypass Affected Product ================================== miSecureMessages from Amtelco - Tested on version: Client=4.0.1 Server=6.2.4552.30017 iOS: https://itunes.apple.com/us/app/misecuremessages/id423957478?mt=8 android:...
Amtelco miSecureMessages未授权访问漏洞
Bugtraq ID:66795 CVE ID:CVE-2014-0357 Amtelco miSecureMessages是一个可用于多个移动设备上的对消息进行加密的应用。 Amtelco miSecureMessages对用户消息访问缺少正确的验证,攻击者可在XML请求中提供contactID和合法许可证键值,就可以访问任意用户消息。 0 Amtelco miSecureMessages 目前没有详细解决方案: https://misecuremessages.com/...
Amtelco miSecureMessages未授权访问漏洞
Bugtraq ID:66795 CVE ID:CVE-2014-0357 Amtelco miSecureMessages是一个可用于多个移动设备上的对消息进行加密的应用。 Amtelco miSecureMessages对用户消息访问缺少正确的验证,攻击者可在XML请求中提供contactID和合法许可证键值,就可以访问任意用户消息。 0 Amtelco miSecureMessages 目前没有详细解决方案: https://misecuremessages.com/...
CVE-2014-0357
Amtelco miSecureMessages allows remote attackers to read the messages of arbitrary users via an XML request containing a valid license key and a modified contactID value, as demonstrated by a request from the iOS or Android application...
CVE-2014-0357
Amtelco miSecureMessages (Server Release 6.2) suffers an authentication/authorization weakness that allows remote attackers to read arbitrary user messages by sending an XML request containing a valid license key and a modified contactID value. The root cause is insufficient authentication/sessio...
AMTELCO miSecureMessages Server insecurely authenticates clients
Overview AMTELCO miSecureMessages Server Release 6.2 performs weak authentication for access to user messages CWE-287. Description AMTELCO miSecureMessages Server Release 6.2 performs weak authentication for access to user messages. miSecureMessages authenticates client app XML requests for...