Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mobile platform vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2015-2166
Directory traversal vulnerability in the Instance Monitor in Ericsson Drutt Mobile Service Delivery Platform (MSDP) 4, 5, and 6 allows remote malicious users to read arbitrary files via a ..%2f (dot dot encoded slash) in the default URI.
Ericsson Drutt Mobile Service Delivery Platform 6.0
Ericsson Drutt Mobile Service Delivery Platform 4.0
Ericsson Drutt Mobile Service Delivery Platform 5.0
1 EDB exploit
1 Github repository
NA
CVE-2015-2167
Open redirect vulnerability in the 3PI Manager in Ericsson Drutt Mobile Service Delivery Platform (MSDP) 4, 5, and 6 allows remote malicious users to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the url parameter to jsp/start-3pi-manager.jsp.
Ericsson Drutt Mobile Service Delivery Platform 4.0
Ericsson Drutt Mobile Service Delivery Platform 5.0
Ericsson Drutt Mobile Service Delivery Platform 6.0
NA
CVE-2015-2165
Multiple cross-site scripting (XSS) vulnerabilities in the Report Viewer in Ericsson Drutt Mobile Service Delivery Platform (MSDP) 4.x, 5.x, and 6.x allow remote malicious users to inject arbitrary web script or HTML via the (1) portal, (2) fromDate, (3) toDate, (4) fromTime, (5)...
Ericsson Drutt Mobile Service Delivery Platform 4.0
Ericsson Drutt Mobile Service Delivery Platform 5.0
Ericsson Drutt Mobile Service Delivery Platform 6.0
NA
CVE-2015-2813
XML external entity (XXE) vulnerability in SAP Mobile Platform allows remote malicious users to send requests to intranet servers via crafted XML, aka SAP Security Note 2125358.
Sap Mobile Platform
NA
CVE-2015-8600
The SysAdminWebTool servlets in SAP Mobile Platform allow remote malicious users to bypass authentication and obtain sensitive information, gain privileges, or have unspecified other impact via unknown vectors, aka SAP Security Note 2227855.
Sap Mobile Platform
6.5
CVSSv3
CVE-2022-34199
Jenkins Convertigo Mobile Platform Plugin 1.1 and previous versions stores passwords unencrypted in job config.xml files on the Jenkins controller where they can be viewed by users with Extended Read permission, or access to the Jenkins controller file system.
Jenkins Convertigo Mobile Platform
NA
CVE-2015-5068
XML external entity (XXE) vulnerability in SAP Mobile Platform 3 allows remote malicious users to read arbitrary files or possibly have other unspecified impact via a crafted XML request, aka SAP Security Note 2159601.
Sap Mobile Platform 3.0
8.8
CVSSv3
CVE-2022-34200
A cross-site request forgery (CSRF) vulnerability in Jenkins Convertigo Mobile Platform Plugin 1.1 and previous versions allows malicious users to connect to an attacker-specified URL.
Jenkins Convertigo Mobile Platform
6.5
CVSSv3
CVE-2022-34201
A missing permission check in Jenkins Convertigo Mobile Platform Plugin 1.1 and previous versions allows attackers with Overall/Read permission to connect to an attacker-specified URL.
Jenkins Convertigo Mobile Platform
NA
CVE-2015-2818
XML external entity (XXE) vulnerability in SAP Mobile Platform 3 allows remote malicious users to send requests to intranet servers via crafted XML, aka SAP Security Note 2125513.
Sap Mobile Platform 3.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
CVE-2006-4304
wireless
CVE-2023-23022
local file inclusion
CVE-2024-27058
CVE-2024-33820
open redirect
CVE-2024-27079
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »