📦

moveit_mobile

Vendor: ipswitch

Actively Exploited 0 CISA KEV List

PoC / Exploits 0 Code Available

Total RCEs 0 Remote Access

Total CVEs 6 Total Indexed

Avg. EPSS 0.01% Exploit Prob.

Latest CVE CVE-2015-7679 Feb 10

Security Vulnerability Index

Page 1 / 1

6.1 CVSS

CVE-2015-7679

Cross-site scripting (XSS) vulnerability in Ipswitch MOVEit Mobile before 1.2.2 allows remote attackers to inject arbitrary web script or HTML via the query string to mobile/.

EPSS: 0.01%

Severity: MEDIUM

Feb 10, 2016

8.8 CVSS

CVE-2015-7678

Multiple cross-site request forgery (CSRF) vulnerabilities in Ipswitch MOVEit Mobile 1.2.0.962 and earlier allow remote attackers to hijack the authentication of unspecified victims via unknown vectors.

EPSS: 0.01%

Severity: HIGH

Feb 10, 2016

6.5 CVSS

CVE-2015-7675

The "Send as attachment" feature in Ipswitch MOVEit DMZ before 8.2 and MOVEit Mobile before 1.2.2 allow remote authenticated users to bypass authorization and read uploaded files via a valid FileID in the (1) serverFileIds parameter to mobile/sendMsg or (2) arg01 parameter to human.aspx.

EPSS: 0.01%

Severity: MEDIUM

Feb 10, 2016

Displaying 3 of 6 Total Entries

Total 1 Sections