VYPR
Vendor

Oi

Products
4
CVEs
5
Across products
5
Status
Private

Products

4

Recent CVEs

5
  • CVE-2019-18396HigOct 31, 2019
    risk 0.51cvss 7.2epss 0.16

    An issue was discovered in certain Oi third-party firmware that may be installed on Technicolor TD5130v2 devices. A Command Injection in the Ping module in the Web Interface in OI_Fw_V20 allows remote attackers to execute arbitrary OS commands in the pingAddr parameter to…

  • CVE-2006-0920Feb 28, 2006
    risk 0.03cvss epss 0.01

    Oi! Email Marketing System 3.0 (aka Oi! 3) stores the server's FTP password in cleartext on a Configuration web page, which allows local users with superadministrator privileges, or attackers who have obtained access to the web page, to view the password.

  • CVE-2014-5916Sep 17, 2014
    risk 0.00cvss epss 0.00

    The Minha Oi (aka br.com.mobicare.minhaoi) application 1.15.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

  • CVE-2010-1082Mar 23, 2010
    risk 0.00cvss epss 0.01

    Multiple directory traversal vulnerabilities in OI.Blogs 1.0.0, when magic_quotes_gpc is disabled, allow remote attackers to read arbitrary files via directory traversal sequences in the (1) theme parameter to loadStyles.php and the (2) scripts parameter to…

  • CVE-2006-0919Feb 28, 2006
    risk 0.00cvss epss 0.01

    SQL injection vulnerability in index.php (aka the login page) in Oi! Email Marketing System 3.0 (aka Oi! 3) allows remote attackers to execute arbitrary SQL commands via the (1) Username and (2) Password fields.