VYPR

Mobile

by Allomani

CVEs (3)

  • CVE-2009-3430Sep 25, 2009
    risk 0.03cvss epss 0.01

    SQL injection vulnerability in login.php in Allomani Mobile 2.5 allows remote attackers to execute arbitrary SQL commands via the username parameter in a login action.

  • CVE-2020-36502Oct 22, 2021
    risk 0.00cvss epss 0.01

    Swift File Transfer Mobile v1.1.2 was discovered to contain a cross-site scripting (XSS) vulnerability via the devicename parameter which allows attackers to execute arbitrary web scripts or HTML via a crafted payload entered as the device name itself.

  • CVE-2018-18013Oct 24, 2018
    risk 0.00cvss epss 0.03

    * Xen Mobile through 10.8.0 includes a service listening on port 5001 within its firewall that accepts unauthenticated input. If this service is supplied with raw serialised Java objects, it deserialises them back into Java objects in memory, giving rise to a remote code…