Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mobile platform vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2015-2165
Multiple cross-site scripting (XSS) vulnerabilities in the Report Viewer in Ericsson Drutt Mobile Service Delivery Platform (MSDP) 4.x, 5.x, and 6.x allow remote malicious users to inject arbitrary web script or HTML via the (1) portal, (2) fromDate, (3) toDate, (4) fromTime, (5)...
Ericsson Drutt Mobile Service Delivery Platform 4.0
Ericsson Drutt Mobile Service Delivery Platform 5.0
Ericsson Drutt Mobile Service Delivery Platform 6.0
5.8
CVSSv2
CVE-2015-2167
Open redirect vulnerability in the 3PI Manager in Ericsson Drutt Mobile Service Delivery Platform (MSDP) 4, 5, and 6 allows remote malicious users to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the url parameter to jsp/start-3pi-manager.jsp.
Ericsson Drutt Mobile Service Delivery Platform 4.0
Ericsson Drutt Mobile Service Delivery Platform 5.0
Ericsson Drutt Mobile Service Delivery Platform 6.0
5
CVSSv2
CVE-2015-2166
Directory traversal vulnerability in the Instance Monitor in Ericsson Drutt Mobile Service Delivery Platform (MSDP) 4, 5, and 6 allows remote malicious users to read arbitrary files via a ..%2f (dot dot encoded slash) in the default URI.
Ericsson Drutt Mobile Service Delivery Platform 6.0
Ericsson Drutt Mobile Service Delivery Platform 4.0
Ericsson Drutt Mobile Service Delivery Platform 5.0
1 EDB exploit
1 Github repository
7.5
CVSSv2
CVE-2015-8600
The SysAdminWebTool servlets in SAP Mobile Platform allow remote malicious users to bypass authentication and obtain sensitive information, gain privileges, or have unspecified other impact via unknown vectors, aka SAP Security Note 2227855.
Sap Mobile Platform
5
CVSSv2
CVE-2015-2813
XML external entity (XXE) vulnerability in SAP Mobile Platform allows remote malicious users to send requests to intranet servers via crafted XML, aka SAP Security Note 2125358.
Sap Mobile Platform
7.5
CVSSv2
CVE-2015-5068
XML external entity (XXE) vulnerability in SAP Mobile Platform 3 allows remote malicious users to read arbitrary files or possibly have other unspecified impact via a crafted XML request, aka SAP Security Note 2159601.
Sap Mobile Platform 3.0
4
CVSSv2
CVE-2022-34199
Jenkins Convertigo Mobile Platform Plugin 1.1 and previous versions stores passwords unencrypted in job config.xml files on the Jenkins controller where they can be viewed by users with Extended Read permission, or access to the Jenkins controller file system.
Jenkins Convertigo Mobile Platform
6.8
CVSSv2
CVE-2022-34200
A cross-site request forgery (CSRF) vulnerability in Jenkins Convertigo Mobile Platform Plugin 1.1 and previous versions allows malicious users to connect to an attacker-specified URL.
Jenkins Convertigo Mobile Platform
4
CVSSv2
CVE-2022-34201
A missing permission check in Jenkins Convertigo Mobile Platform Plugin 1.1 and previous versions allows attackers with Overall/Read permission to connect to an attacker-specified URL.
Jenkins Convertigo Mobile Platform
4
CVSSv2
CVE-2020-6177
SAP Mobile Platform, version 3.0, does not sufficiently validate an XML document accepted from an untrusted source which could lead to partial denial of service. Since SAP Mobile Platform does not allow External-Entity resolving, there is no issue of leaking content of files on t...
Sap Mobile Platform 3.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
injection
CVE-2024-30983
CVE-2023-4235
CVE-2024-21338
privilege
encryption
CVE-2023-4232
CVE-2024-31497
CVE-2024-32341
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »