Vulnerabilities (CVE)

Filtered by vendor Ipswitch Subscribe
Filtered by product Moveit Mobile
Total 3 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2015-7679 1 Ipswitch 1 Moveit Mobile 2024-11-21 4.3 MEDIUM 6.1 MEDIUM
Cross-site scripting (XSS) vulnerability in Ipswitch MOVEit Mobile before 1.2.2 allows remote attackers to inject arbitrary web script or HTML via the query string to mobile/.
CVE-2015-7678 1 Ipswitch 1 Moveit Mobile 2024-11-21 6.8 MEDIUM 8.8 HIGH
Multiple cross-site request forgery (CSRF) vulnerabilities in Ipswitch MOVEit Mobile 1.2.0.962 and earlier allow remote attackers to hijack the authentication of unspecified victims via unknown vectors.
CVE-2015-7675 1 Ipswitch 2 Moveit Dmz, Moveit Mobile 2024-11-21 4.0 MEDIUM 6.5 MEDIUM
The "Send as attachment" feature in Ipswitch MOVEit DMZ before 8.2 and MOVEit Mobile before 1.2.2 allow remote authenticated users to bypass authorization and read uploaded files via a valid FileID in the (1) serverFileIds parameter to mobile/sendMsg or (2) arg01 parameter to human.aspx.