4 matches found
CVE-2022-22792
MobiSoft - MobiPlus User Take Over and Improper Handling of url Parameters Attacker can navigate to specific url which will expose all the users and password in clear text. http://IP/MobiPlusWeb/Handlers/MainHandler.ashx?MethodName=GridData&GridName=Users...
Design/Logic Flaw
MobiSoft - MobiPlus User Take Over and Improper Handling of url Parameters Attacker can navigate to specific url which will expose all the users and password in clear text. http://IP/MobiPlusWeb/Handlers/MainHandler.ashx?MethodName=GridData&GridName=Users...
CVE-2022-22792 MobiSoft - MobiPlus User Take Over and Improper Handling of url Parameters
MobiSoft - MobiPlus User Take Over and Improper Handling of url Parameters Attacker can navigate to specific url which will expose all the users and password in clear text. http://IP/MobiPlusWeb/Handlers/MainHandler.ashx?MethodName=GridData&GridName=Users...
CVE-2022-22792
CVE-2022-22792 concerns MobiSoft MobiPlus. The vulnerability arises from an improper handling of URL parameters in the web handler; specifically, an attacker could navigate to a crafted URL such as /MobiPlusWeb/Handlers/MainHandler.ashx?MethodName=GridData&GridName=Users to expose all users and p...