16 matches found
EUVD-2015-7581
Malware in sbrugna...
EUVD-2015-7580
Malware in sbrugna...
Ipswitch MOVEit Mobile Cross-Site Scripting Vulnerability
Ipswitch MOVEit An automated file transfer system from Ipswitch USA. A cross-site scripting vulnerability exists in Ipswitch MOVEit Mobile, which allows remote attackers to exploit the vulnerability to inject malicious script or HTML code that can be used to obtain sensitive information or hijack...
Ipswitch MOVEit Mobile Cross-Site Request Forgery Vulnerability
Ipswitch MOVEit An automated file transfer system from Ipswitch USA. Ipswitch MOVEit Mobile suffers from a cross-site request forgery vulnerability that allows remote attackers to construct malicious URIs, trick users into parsing them, and can perform malicious actions in the context of the targ...
Ipswitch MOVEit DMZ and MOVEit Mobile File Read Vulnerabilities
Ipswitch MOVEit is an automated file transfer system from Ipswitch USA. DMZ and Mobile are among the versions. Ipswitch MOVEit DMZ and MOVEit Mobile have a security vulnerability in the 'Send as attachment' function due to the mobile/sendMsg URI failing to adequately filter the ' serverFileIds'...
CVE-2015-7679
Cross-site scripting XSS vulnerability in Ipswitch MOVEit Mobile before 1.2.2 allows remote attackers to inject arbitrary web script or HTML via the query string to mobile/...
CVE-2015-7675
The "Send as attachment" feature in Ipswitch MOVEit DMZ before 8.2 and MOVEit Mobile before 1.2.2 allow remote authenticated users to bypass authorization and read uploaded files via a valid FileID in the 1 serverFileIds parameter to mobile/sendMsg or 2 arg01 parameter to human.aspx...
Cross site scripting
Cross-site scripting XSS vulnerability in Ipswitch MOVEit Mobile before 1.2.2 allows remote attackers to inject arbitrary web script or HTML via the query string to mobile/...
Cross site request forgery (csrf)
Multiple cross-site request forgery CSRF vulnerabilities in Ipswitch MOVEit Mobile 1.2.0.962 and earlier allow remote attackers to hijack the authentication of unspecified victims via unknown vectors...
CVE-2015-7675
The "Send as attachment" feature in Ipswitch MOVEit DMZ before 8.2 and MOVEit Mobile before 1.2.2 allow remote authenticated users to bypass authorization and read uploaded files via a valid FileID in the 1 serverFileIds parameter to mobile/sendMsg or 2 arg01 parameter to human.aspx...
CVE-2015-7678
Multiple cross-site request forgery CSRF vulnerabilities in Ipswitch MOVEit Mobile 1.2.0.962 and earlier allow remote attackers to hijack the authentication of unspecified victims via unknown vectors...
CVE-2015-7678
CVE-2015-7678 affects Ipswitch MOVEit Mobile 1.2.0.962 and earlier. The issue is cross-site request forgery (CSRF) vulnerabilities that allow remote attackers to hijack the authentication of unspecified victims via unknown vectors. The connected materials confirm the product and vulnerability cla...
CVE-2015-7679
CVE-2015-7679 is a Cross-Site Scripting (XSS) vulnerability in Ipswitch MOVEit Mobile prior to version 1.2.2. The issue allows an attacker to inject arbitrary script/HTML via the query string to the mobile/ endpoint. Connected sources specify MOVEit Mobile affected versions include 1.2.0.962 and ...
CVE-2015-7675
The CVE-2015-7675 issue affects Ipswitch MOVEit DMZ before 8.2 and MOVEit Mobile before 1.2.2. It stems from improper authorization checks in the Send as attachment workflow: an authenticated attacker can supply a valid FileID via serverFileIds (mobile/sendMsg) or arg01 (human.aspx) to bypass aut...
CVE-2015-7679
Cross-site scripting XSS vulnerability in Ipswitch MOVEit Mobile before 1.2.2 allows remote attackers to inject arbitrary web script or HTML via the query string to mobile/...
Ipswitch MOVEit Mobile 1.2.0.962 Cross Site Scripting
Profundis Labs - Security Advisory Vulnerablity Title ================== Missing input validation vulnerability Reflected XSS Vendor: ======= Ipswitch, Inc http://www.ipswitchft.com Product: ======== MOVEit File Transfer MOVEit is an automated file transfer system that lets you manage, view,...