VYPR
Vendor

Tapatalk

Products
5
CVEs
9
Across products
9
Status
Private

Products

5

Recent CVEs

9
  • CVE-2014-2023CriOct 26, 2017
    risk 0.67cvss 9.8epss 0.04

    Multiple SQL injection vulnerabilities in the Tapatalk plugin 4.9.0 and earlier and 5.x through 5.2.1 for vBulletin allow remote attackers to execute arbitrary SQL commands via a crafted xmlrpc API request to (1) unsubscribe_forum.php or (2) unsubscribe_topic.php in…

  • CVE-2017-14652CriSep 21, 2017
    risk 0.64cvss 9.8epss 0.02

    SQL Injection vulnerability in mobiquo/lib/classTTForum.php in the Tapatalk plugin before 4.5.8 for MyBB allows an unauthenticated remote attacker to inject arbitrary SQL commands via an XML-RPC encoded document sent as part of the user registration process.

  • CVE-2014-8870Jan 15, 2015
    risk 0.00cvss epss 0.01

    Open redirect vulnerability in mobiquo/smartbanner/welcome.php in the Tapatalk (com.tapatalk.wbb4) plugin before 1.1.2 for Woltlab Burning Board 4.0 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the board_url parameter.

  • CVE-2014-8869Jan 15, 2015
    risk 0.00cvss epss 0.01

    Multiple cross-site scripting (XSS) vulnerabilities in mobiquo/smartbanner/welcome.php in the Tapatalk (com.tapatalk.wbb4) plugin 1.x before 1.1.2 for Woltlab Burning Board 4.0 allow remote attackers to inject arbitrary web script or HTML via the (1) app_android_id or (2)…

  • CVE-2014-7020Oct 16, 2014
    risk 0.00cvss epss 0.00

    The Diabetes Forum (aka com.tapatalk.diabetescoukdiabetesforum) application 3.9.30 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

  • CVE-2014-6740Sep 27, 2014
    risk 0.00cvss epss 0.00

    The XD Forum (aka com.tapatalk.xdforumcomforum) application 3.9.17 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

  • CVE-2014-6649Sep 23, 2014
    risk 0.00cvss epss 0.00

    The MyBroadband Tapatalk (aka com.tapatalk.mybroadbandcozavb) application 3.9.22 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

  • CVE-2014-6646Sep 23, 2014
    risk 0.00cvss epss 0.00

    The bellyhoodcom (aka com.tapatalk.bellyhoodcom) application 3.4.23 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

  • CVE-2014-5680Sep 9, 2014
    risk 0.00cvss epss 0.00

    The Tapatalk (aka com.quoord.tapatalkpro.activity) application 4.8.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.