9 matches found
CVE-2024-45586
This vulnerability exists due to improper access controls on APIs in the Authentication module of Symphony XTS Web Trading and Mobile Trading platforms version 2.0.0.1P160. An authenticated remote attacker could exploit this vulnerability by manipulating parameters through HTTP request which coul...
CVE-2024-45586
This vulnerability exists due to improper access controls on APIs in the Authentication module of Symphony XTS Web Trading and Mobile Trading platforms version 2.0.0.1P160. An authenticated remote attacker could exploit this vulnerability by manipulating parameters through HTTP request which coul...
CVE-2024-45586
This vulnerability exists due to improper access controls on APIs in the Authentication module of Symphony XTS Web Trading and Mobile Trading platforms version 2.0.0.1P160. An authenticated remote attacker could exploit this vulnerability by manipulating parameters through HTTP request which coul...
CVE-2024-45586
CVE-2024-45586 affects Symphony XTS Web Trading and Mobile Trading platforms, version 2.0.0.1_P160. The root cause is improper access controls in the Authentication module’s APIs. An authenticated, remote attacker can manipulate HTTP request parameters to perform an unauthorized account takeover ...
PT-2024-31689 · Unknown · Symphony Xts Mobile Trading +1
Name of the Vulnerable Software and Affected Versions: Symphony XTS Web Trading and Mobile Trading platforms version 2.0.0.1 P160 Description: This issue exists due to improper access controls on APIs in the Authentication module. An authenticated remote attacker could exploit this by manipulatin...
Clickjacking Vulnerability in Golden Jade Butler App
Jade Butler app is a mobile trading platform launched by Hengtai Securities, the platform has securities quotes, securities trading, account management, securities information and many other features. There is a clickjacking vulnerability in Jade Butler App, which can be exploited by attackers to...
September 27, 2017 – Morning Cyber Coffee Headlines – “Google” Edition
Good morning! Sit with Carbon Black this morning over a cup of coffee or tea and browse a few industry headlines to get the day started. We’ve got just enough information below to get you through that first cup…enjoy! September 27, 2017 - Headlines S.E.C. Hacking Response Provides Road Map for...
Mobile Stock Trading App Providers Unresponsive to Glaring Vulnerabilities
More than 20 of the most popular mobile trading applications used by consumers and day-traders for securities transactions contain glaring vulnerabilities that could allow attackers to sniff personal data or steal money from accounts. Researchers from IOActive today published a report describing...
Mobile trading EdiAgent - Dangerous filesystem permissions, WebView code execution vulnerabilities
HackApp vulnerability scanner discovered that application Mobile trading EdiAgent published at the 'play' market has multiple vulnerabilities...