Lucene search
K

9 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 8:6 a.m.13 views

CVE-2024-45586

This vulnerability exists due to improper access controls on APIs in the Authentication module of Symphony XTS Web Trading and Mobile Trading platforms version 2.0.0.1P160. An authenticated remote attacker could exploit this vulnerability by manipulating parameters through HTTP request which coul...

9.2CVSS6.9AI score0.00432EPSS
Exploits0
NVD
NVD
added 2024/09/03 10:15 a.m.20 views

CVE-2024-45586

This vulnerability exists due to improper access controls on APIs in the Authentication module of Symphony XTS Web Trading and Mobile Trading platforms version 2.0.0.1P160. An authenticated remote attacker could exploit this vulnerability by manipulating parameters through HTTP request which coul...

9.2CVSS0.00432EPSS
Exploits0References1
OSV
OSV
added 2024/09/03 10:15 a.m.6 views

CVE-2024-45586

This vulnerability exists due to improper access controls on APIs in the Authentication module of Symphony XTS Web Trading and Mobile Trading platforms version 2.0.0.1P160. An authenticated remote attacker could exploit this vulnerability by manipulating parameters through HTTP request which coul...

8.8CVSS5.8AI score0.00432EPSS
Exploits0References1
CVE
CVE
added 2024/09/03 10:2 a.m.75 views

CVE-2024-45586

CVE-2024-45586 affects Symphony XTS Web Trading and Mobile Trading platforms, version 2.0.0.1_P160. The root cause is improper access controls in the Authentication module’s APIs. An authenticated, remote attacker can manipulate HTTP request parameters to perform an unauthorized account takeover ...

9.2CVSS8.6AI score0.00432EPSS
Exploits0References1Affected Software2
Positive Technologies
Positive Technologies
added 2024/09/03 12:0 a.m.7 views

PT-2024-31689 · Unknown · Symphony Xts Mobile Trading +1

Name of the Vulnerable Software and Affected Versions: Symphony XTS Web Trading and Mobile Trading platforms version 2.0.0.1 P160 Description: This issue exists due to improper access controls on APIs in the Authentication module. An authenticated remote attacker could exploit this by manipulatin...

9.2CVSS6.9AI score0.00432EPSS
Exploits0References9
CNVD
CNVD
added 2020/04/15 12:0 a.m.2 views

Clickjacking Vulnerability in Golden Jade Butler App

Jade Butler app is a mobile trading platform launched by Hengtai Securities, the platform has securities quotes, securities trading, account management, securities information and many other features. There is a clickjacking vulnerability in Jade Butler App, which can be exploited by attackers to...

6.6AI score
Exploits0
Carbon Black Blog
Carbon Black Blog
added 2017/09/27 2:14 p.m.21 views

September 27, 2017 – Morning Cyber Coffee Headlines – “Google” Edition

Good morning! Sit with Carbon Black this morning over a cup of coffee or tea and browse a few industry headlines to get the day started. We’ve got just enough information below to get you through that first cup…enjoy! September 27, 2017 - Headlines S.E.C. Hacking Response Provides Road Map for...

6.5AI score
Exploits0
ThreatPost
ThreatPost
added 2017/09/26 10:36 a.m.11 views

Mobile Stock Trading App Providers Unresponsive to Glaring Vulnerabilities

More than 20 of the most popular mobile trading applications used by consumers and day-traders for securities transactions contain glaring vulnerabilities that could allow attackers to sniff personal data or steal money from accounts. Researchers from IOActive today published a report describing...

6.1AI score
Exploits0References3
hackapp
hackapp
added 2017/03/27 1:45 p.m.11 views

Mobile trading EdiAgent - Dangerous filesystem permissions, WebView code execution vulnerabilities

HackApp vulnerability scanner discovered that application Mobile trading EdiAgent published at the 'play' market has multiple vulnerabilities...

1.6AI score
Exploits0References1Affected Software1
Rows per page
Query Builder