VYPR
Vendor

Mail.ru

Products
2
CVEs
4
Across products
4
Status
Private

Products

2

Recent CVEs

4
  • CVE-2016-10716MedMar 16, 2018
    risk 0.35cvss 5.4epss 0.01

    The Mail.ru Calendar plugin before 2.5.0.61 for Atlassian Jira has XSS via the Name field in a Create Calender action, related to a MailRuCalendar.jspa#period/month URI.

  • CVE-2009-4739Mar 26, 2010
    risk 0.03cvss epss 0.02

    PHP remote file inclusion vulnerability in index.php in SkaDate Dating allows remote attackers to execute arbitrary PHP code via a URL in the language_id parameter. NOTE: this can also be leveraged to include and execute arbitrary local files via directory traversal sequences.

  • CVE-2009-4700Mar 15, 2010
    risk 0.03cvss epss 0.03

    Directory traversal vulnerability in index.php in SkaDate Dating allows remote attackers to read arbitrary files via a .. (dot dot) in the layout parameter.

  • CVE-2014-5804Sep 9, 2014
    risk 0.00cvss epss 0.00

    The Mail.Ru Dating (aka ru.mail.love) application 3 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.