3 matches found
CVE-2026-33545 MobSF has SQL Injection in its SQLite Database Viewer Utils
MobSF is a mobile application security testing tool used. Prior to version 4.4.6, MobSF's readsqlite function in mobsf/MobSF/utils.py lines 542-566 uses Python string formatting % to construct SQL queries with table names read from a SQLite database's sqlitemaster table. When a security analyst...
PT-2025-35521
Name of the Vulnerable Software and Affected Versions: MobSF version 4.4.0 Description: The GET /download/ route uses string path verification via os.path.commonprefix, which allows an authenticated user to download files outside the intended download directory from neighboring directories with...
The vulnerability of the SAP Mobile Secure for Android security tool lies in the lack of protection for operational data, which allows attackers to disclose the protected information.
The vulnerability of the SAP Mobile Secure for Android security tool is related to the lack of protection for operational data. Exploiting this vulnerability can allow attackers to disclose the protected information...