Ipswitch MOVEit DMZ 8.1 File ID Enumeration

Profundis Labs - Security Advisory Vulnerablity Title ================== A security issue in MOVEit application allows the enumeration of existing FileIDs CVE-2015-7677 Vendor: ======= Ipswitch, Inc http://www.ipswitchft.com Product: ======== MOVEit File Transfer MOVEit is an automated file...

Ipswitch MOVEit Mobile 1.2.0.962 Cross Site Request Forgery

Profundis Labs - Security Advisory Vulnerablity Title ================== MOVEit Filetransfer Cross Site Request Forgery Vulnerability CVE-2015-7678 Vendor: ======= Ipswitch, Inc http://www.ipswitchft.com Product: ======== MOVEit File Transfer MOVEit is an automated file transfer system that lets...

Ipswitch MOVEit DMZ 8.1 Authorization Bypass

Profundis Labs - Security Advisory Vulnerablity Title ================== A security issue in MOVEit web and mobile application allows for unauthorized access to arbitrary files and documents Vendor: ======= Ipswitch, Inc http://www.ipswitchft.com Product: ======== MOVEit File Transfer MOVEit is a...

SQL Injection in extension "Library for Frontend plugins" (sg_zfelib)

It has been discovered that the extension "Library for Frontend plugins" sgzfelib is susceptible to SQL Injections. Component Type: Third party extension. This extension is not part of the TYPO3 default installation. Affected Versions: Version 1.1.512 and below Vulnerability Type: SQL Injection...