33 matches found
EUVD-2018-19738
Malware in sbrugna...
EUVD-2018-19461
Malware in sbrugna...
EUVD-2018-19739
Malware in sbrugna...
EUVD-2018-19435
Malware in sbrugna...
CVE-2019-10276
Western Bridge Cobub Razor 0.8.0 has a file upload vulnerability via the web/assets/swf/uploadify.php URI, as demonstrated by a .php file with the image/jpeg content type...
Western Bridge Cobub Razor Physical Path Disclosure Vulnerability (CNVD-2018-07345)
Western Bridge Cobub Razor is an open source mobile application analytics system. The system can provide users with detailed multi-dimensional reports and monitor their mobile applications and applications user behavior statistics. A security vulnerability exists in Western Bridge Cobub Razor...
CVE-2018-8770
Physical path Leakage exists in Western Bridge Cobub Razor 0.8.0 via generate.php, controllers/getConfigTest.php, controllers/getUpdateTest.php, controllers/postclientdataTest.php, controllers/posterrorTest.php, controllers/posteventTest.php, controllers/posttagTest.php,...
Design/Logic Flaw
Physical path Leakage exists in Western Bridge Cobub Razor 0.8.0 via generate.php, controllers/getConfigTest.php, controllers/getUpdateTest.php, controllers/postclientdataTest.php, controllers/posterrorTest.php, controllers/posteventTest.php, controllers/posttagTest.php,...
CVE-2018-8770
Physical path Leakage exists in Western Bridge Cobub Razor 0.8.0 via generate.php, controllers/getConfigTest.php, controllers/getUpdateTest.php, controllers/postclientdataTest.php, controllers/posterrorTest.php, controllers/posteventTest.php, controllers/posttagTest.php,...
CVE-2018-8770
Cobub Razor 0.8.0 is affected by CVE-2018-8770, a physical path leakage information disclosure. The issue arises via multiple test-related PHP files and fixtures (e.g., generate.php, controllers/getConfigTest.php, controllers/getUpdateTest.php, controllers/postclientdataTest.php, controllers/post...
CVE-2018-8770
Physical path Leakage exists in Western Bridge Cobub Razor 0.8.0 via generate.php, controllers/getConfigTest.php, controllers/getUpdateTest.php, controllers/postclientdataTest.php, controllers/posterrorTest.php, controllers/posteventTest.php, controllers/posttagTest.php,...
Western Bridge Cobub Razor SQL Injection Vulnerability
Western Bridge Cobub Razor is an open source mobile application analytics system. The system can provide users with detailed multi-dimensional reports and monitor their mobile applications and applications user behavior statistics. A SQL injection vulnerability exists in Western Bridge Cobub Razo...
Design/Logic Flaw
Physical path Leakage exists in Western Bridge Cobub Razor 0.8.0 via an invalid channelname parameter to /index.php?/manage/channel/addchannel or a direct request to /export.php...
CVE-2018-8056
Physical path Leakage exists in Western Bridge Cobub Razor 0.8.0 via an invalid channelname parameter to /index.php?/manage/channel/addchannel or a direct request to /export.php...
CVE-2018-8057
A SQL Injection vulnerability exists in Western Bridge Cobub Razor 0.8.0 via the channelname or platform parameter in a /index.php?/manage/channel/addchannel request, related to /application/controllers/manage/channel.php...
CVE-2018-8056
Physical path Leakage exists in Western Bridge Cobub Razor 0.8.0 via an invalid channelname parameter to /index.php?/manage/channel/addchannel or a direct request to /export.php...
Sql injection
A SQL Injection vulnerability exists in Western Bridge Cobub Razor 0.8.0 via the channelname or platform parameter in a /index.php?/manage/channel/addchannel request, related to /application/controllers/manage/channel.php...
CVE-2018-8057
A SQL Injection vulnerability exists in Western Bridge Cobub Razor 0.8.0 via the channelname or platform parameter in a /index.php?/manage/channel/addchannel request, related to /application/controllers/manage/channel.php...
CVE-2018-8056
Physical path Leakage exists in Western Bridge Cobub Razor 0.8.0 via an invalid channelname parameter to /index.php?/manage/channel/addchannel or a direct request to /export.php...
CVE-2018-8057
Cobub Razor 0.8.0 is affected by a SQL injection vulnerability in the /index.php?/manage/channel/addchannel endpoint. The issue stems from unsanitized input via the channel_name and platform parameters in /application/controllers/manage/channel.php (lines 75–95), enabling error-based and time-bas...