
731 matches found

Openbugbounty
added 2024/04/27 12:47 a.m. · 12 views

mwarchitectuur.nl Improper Access Control vulnerability OBB-3923174

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

7 AI score
Exploits 0
Openbugbounty
added 2024/04/26 10:52 p.m. · 4 views

margathijssen.nl Improper Access Control vulnerability OBB-3922929

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

7 AI score
Exploits 0
Openbugbounty
added 2024/04/23 8:1 a.m. · 10 views

giftlaza.com Cross Site Scripting vulnerability OBB-3920962

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.2 AI score
Exploits 0
Openbugbounty
added 2024/04/21 10:8 p.m. · 13 views

vidipedia.org Cross Site Scripting vulnerability OBB-3919299

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.2 AI score
Exploits 0
BDU FSTEC
added 2024/04/19 12:0 a.m. · 2 views

The vulnerability of the Firebase Database Check framework in the Mobile Security Framework (MobSF) allows an attacker to perform an SSRF attack.

The vulnerability of the Firebase Database Check framework used in the Mobile Security Framework MobSF for security research in mobile applications is related to insufficient validation of incoming requests. Exploiting this vulnerability allows a malicious actor to execute an SSRF attack remotely...

7.5 CVSS · 6.6 AI score · 0.0051 EPSS
Exploits 0 · References 5 · Affected Software 1
Openbugbounty
added 2024/04/09 8:0 a.m. · 8 views

nanoherbalmedicine.com Cross Site Scripting vulnerability OBB-3911229

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.2 AI score
Exploits 0
OSV
added 2024/04/04 4:10 p.m. · 25 views

CVE-2024-31215 Mobile Security Framework (MobSF) vulnerable to Server-Side Request Forgery (SSRF) in firebase database check

Mobile Security Framework MobSF is a security research platform for mobile applications in Android, iOS and Windows Mobile. A SSRF vulnerability in firebase database check logic. The attacker can cause the server to make a connection to internal-only services within the organization’s...

6.3 CVSS · 6.2 AI score · 0.0051 EPSS
Exploits 0 · References 5
OSV
added 2024/04/04 2:39 p.m. · 17 views

GHSA-WPFF-WM84-X5CX Mobile Security Framework (MobSF) vulnerable to SSRF in firebase database check

Impact What kind of vulnerability is it? Who is impacted? SSRF vulnerability in firebase database check logic. The attacker can cause the server to make a connection to internal-only services within the organization’s infrastructure. When malicious app is uploaded to Static analyzer, it is possib...

6.3 CVSS · 6.1 AI score · 0.0051 EPSS
Exploits 0 · References 5
CNNVD
added 2024/04/04 12:0 a.m. · 3 views

Mobile Security Framework Security Vulnerability

Mobile Security Framework MobSF is an automated all-in-one mobile application open-sourced by Mobile Security Framework. Used for penetration testing, malware analysis and security assessments, it is capable of performing both static and dynamic analysis. A security vulnerability exists in Mobile...

6.3 CVSS · 6.4 AI score · 0.0051 EPSS
Exploits 0 · References 4
Positive Technologies
added 2024/04/02 12:0 a.m. · 6 views

PT-2024-23: Server-Side Request Forgery (SSRF) in Mobile Security Framework (MobSF)

The vulnerability was identified in Mobile Security Framework MobSF, versions =3.9.7. The discovered SSRF vulnerability in Firebase Database Check can be exploited by an attacker to make the server connect to internal-only services. It is possible to make internal requests in case a malicious app is...

6.3 CVSS · 6.3 AI score · 0.0051 EPSS
Exploits 0 · References 1
Positive Technologies
added 2024/04/02 12:0 a.m. · 3 views

PT-2024-2891 · Unknown · Mobile Security Framework

Name of the Vulnerable Software and Affected Versions: Mobile Security Framework MobSF versions prior to 3.9.8 Description: A Server-Side Request Forgery SSRF vulnerability exists in the firebase database check logic of the Mobile Security Framework MobSF. This allows an attacker to cause the...

7.5 CVSS · 6.2 AI score · 0.0051 EPSS
Exploits 0 · References 11
PyPA
added 2024/03/22 11:15 p.m. · 4 views

PYSEC-2024-257

Mobile Security Framework MobSF is a pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis. In version 3.9.5 Beta and prior, MobSF does not perform any input validation when extracting the hostnames in android:host, so requests can also ...

7.5 CVSS · 6.5 AI score · 0.00712 EPSS
Exploits 1 · References 4 · Affected Software 1
OSV
added 2024/03/22 11:15 p.m. · 2 views

PYSEC-2024-257

Mobile Security Framework MobSF is a pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis. In version 3.9.5 Beta and prior, MobSF does not perform any input validation when extracting the hostnames in android:host, so requests can also ...

7.5 CVSS · 6.9 AI score · 0.00712 EPSS
Exploits 1 · References 4
OSV
added 2024/03/22 10:12 p.m. · 34 views

CVE-2024-29190 MobSF SSRF Vulnerability on assetlinks_check(act_name, well_knowns)

Mobile Security Framework MobSF is a pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis. In version 3.9.5 Beta and prior, MobSF does not perform any input validation when extracting the hostnames in android:host, so requests can also ...

7.5 CVSS · 7.1 AI score · 0.00712 EPSS
Exploits 1 · References 5
CNNVD
added 2024/03/22 12:0 a.m. · 4 views

Mobile Security Framework Security Vulnerability

Mobile Security Framework MobSF is an automated all-in-one mobile application open-sourced by Mobile Security Framework. Used for penetration testing, malware analysis and security assessments, it is capable of performing both static and dynamic analysis. A security vulnerability exists in Mobile...

7.5 CVSS · 7.2 AI score · 0.00712 EPSS
Exploits 1 · References 4
Positive Technologies
added 2024/03/22 12:0 a.m. · 3 views

PT-2024-22794 · Unknown · Mobile Security Framework

Name of the Vulnerable Software and Affected Versions: Mobile Security Framework MobSF versions 3.9.5 Beta and prior Description: The issue arises from the lack of input validation when extracting hostnames in android:host, allowing requests to be sent to local hostnames. This can lead to...

7.5 CVSS · 7.1 AI score · 0.00712 EPSS
Exploits 1 · References 24
Openbugbounty
added 2024/03/13 6:25 a.m. · 6 views

publinmuebles.com Cross Site Scripting vulnerability OBB-3870309

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.2 AI score
Exploits 0
CNVD
added 2024/03/13 12:0 a.m. · 7 views

SuiteCRM Code Issue Vulnerability (CNVD-2024-28186)

SuiteCRM is a customer relationship management system from the SuiteCRM team. SuiteCRM 7.14.2 suffers from a code issue vulnerability that stems from the presence of a local file inclusion vulnerability. No detailed vulnerability details are provided at this time...

9.9 CVSS · 6.8 AI score · 0.00856 EPSS
Exploits 1 · References 1
Openbugbounty
added 2024/03/06 8:36 p.m. · 9 views

gflexonline.nl Improper Access Control vulnerability OBB-3866454

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

7 AI score
Exploits 0
Openbugbounty
added 2024/03/05 1:24 p.m. · 7 views

zelfenergieproduceren.nl Cross Site Scripting vulnerability OBB-3865206

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.2 AI score
Exploits 0