Lucene search
K

4 matches found

NVD
NVD
added 2022/02/16 5:15 p.m.19 views

CVE-2022-22792

MobiSoft - MobiPlus User Take Over and Improper Handling of url Parameters Attacker can navigate to specific url which will expose all the users and password in clear text. http://IP/MobiPlusWeb/Handlers/MainHandler.ashx?MethodName=GridData&GridName=Users...

7.5CVSS0.00582EPSS
Exploits0References1
Prion
Prion
added 2022/02/16 5:15 p.m.21 views

Design/Logic Flaw

MobiSoft - MobiPlus User Take Over and Improper Handling of url Parameters Attacker can navigate to specific url which will expose all the users and password in clear text. http://IP/MobiPlusWeb/Handlers/MainHandler.ashx?MethodName=GridData&GridName=Users...

5CVSS7.6AI score0.00582EPSS
Exploits0References1
Cvelist
Cvelist
added 2022/02/16 4:38 p.m.20 views

CVE-2022-22792 MobiSoft - MobiPlus User Take Over and Improper Handling of url Parameters

MobiSoft - MobiPlus User Take Over and Improper Handling of url Parameters Attacker can navigate to specific url which will expose all the users and password in clear text. http://IP/MobiPlusWeb/Handlers/MainHandler.ashx?MethodName=GridData&GridName=Users...

6.6CVSS7.8AI score0.00582EPSS
Exploits0References1
CVE
CVE
added 2022/02/16 4:38 p.m.68 views

CVE-2022-22792

CVE-2022-22792 concerns MobiSoft MobiPlus. The vulnerability arises from an improper handling of URL parameters in the web handler; specifically, an attacker could navigate to a crafted URL such as /MobiPlusWeb/Handlers/MainHandler.ashx?MethodName=GridData&GridName=Users to expose all users and p...

7.5CVSS7AI score0.00582EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder