16 matches found
EUVD-2019-11339
Malware in sbrugna...
EUVD-2019-11338
Malware in sbrugna...
CVE-2019-20802
An issue was discovered in the Readdle Documents app before 6.9.7 for iOS. The application's file-transfer web server improperly displays directory names, leading to Stored XSS, which may be used to steal a user's data. This requires user interaction because there is no known direct way for an...
CVE-2019-20801
An issue was discovered in the Readdle Documents app before 6.9.7 for iOS. The application's file-transfer web server allows for cross-origin requests from any domain, and the WebSocket server lacks authorization control. Any web site can execute JavaScript code that accesses a user's data via...
CVE-2019-20801
An issue was discovered in the Readdle Documents app before 6.9.7 for iOS. The application's file-transfer web server allows for cross-origin requests from any domain, and the WebSocket server lacks authorization control. Any web site can execute JavaScript code that accesses a user's data via...
CVE-2019-20801
An issue was discovered in the Readdle Documents app before 6.9.7 for iOS. The application's file-transfer web server allows for cross-origin requests from any domain, and the WebSocket server lacks authorization control. Any web site can execute JavaScript code that accesses a user's data via...
CVE-2019-20802
An issue was discovered in the Readdle Documents app before 6.9.7 for iOS. The application's file-transfer web server improperly displays directory names, leading to Stored XSS, which may be used to steal a user's data. This requires user interaction because there is no known direct way for an...
CVE-2019-20802
An issue was discovered in the Readdle Documents app before 6.9.7 for iOS. The application's file-transfer web server improperly displays directory names, leading to Stored XSS, which may be used to steal a user's data. This requires user interaction because there is no known direct way for an...
Cross site scripting
An issue was discovered in the Readdle Documents app before 6.9.7 for iOS. The application's file-transfer web server improperly displays directory names, leading to Stored XSS, which may be used to steal a user's data. This requires user interaction because there is no known direct way for an...
Design/Logic Flaw
An issue was discovered in the Readdle Documents app before 6.9.7 for iOS. The application's file-transfer web server allows for cross-origin requests from any domain, and the WebSocket server lacks authorization control. Any web site can execute JavaScript code that accesses a user's data via...
Readdle Documents app authorization control vulnerability
Readdle Documents app is a document manager from Readdle Ukraine. The product supports viewing EPUB eBooks, viewing Word and Excel documents and more. A security vulnerability exists in the iOS-based Readdle Documents app prior to version 6.9.7, which stems from the file transfer web server...
Readdle Documents app cross-site scripting vulnerability
Readdle Documents app is a document manager from Readdle Ukraine. The product supports viewing EPUB eBooks, viewing Word and Excel documents and more. A security vulnerability exists in iOS-based versions of the Readdle Documents app prior to 6.9.7, which stems from a failure of the file transfer...
CVE-2019-20801
CVE-2019-20801 affects the Readdle Documents iOS app up to version 6.9.7. The file-transfer web server allows cross-origin requests from any domain, and the WebSocket server lacks authorization control, enabling any website to execute JavaScript that can access a user’s data via cross-origin requ...
CVE-2019-20801
An issue was discovered in the Readdle Documents app before 6.9.7 for iOS. The application's file-transfer web server allows for cross-origin requests from any domain, and the WebSocket server lacks authorization control. Any web site can execute JavaScript code that accesses a user's data via...
CVE-2019-20802
CVE-2019-20802 affects the Readdle Documents app for iOS up to version before 6.9.7. The issue lies in the app’s file-transfer web server, which improperly displays directory names, enabling Stored XSS. The vulnerability may allow an attacker to steal user data, but exploitation requires user int...
CVE-2019-20802
An issue was discovered in the Readdle Documents app before 6.9.7 for iOS. The application's file-transfer web server improperly displays directory names, leading to Stored XSS, which may be used to steal a user's data. This requires user interaction because there is no known direct way for an...