Vulnerabilities (CVE)

Filtered by vendor Tapatalk Subscribe
Filtered by product Tapatalk
Total 5 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2014-2023 1 Tapatalk 1 Tapatalk 2024-02-28 7.5 HIGH 9.8 CRITICAL
Multiple SQL injection vulnerabilities in the Tapatalk plugin 4.9.0 and earlier and 5.x through 5.2.1 for vBulletin allow remote attackers to execute arbitrary SQL commands via a crafted xmlrpc API request to (1) unsubscribe_forum.php or (2) unsubscribe_topic.php in mobiquo/functions/.
CVE-2017-14652 1 Tapatalk 1 Tapatalk 2024-02-28 7.5 HIGH 9.8 CRITICAL
SQL Injection vulnerability in mobiquo/lib/classTTForum.php in the Tapatalk plugin before 4.5.8 for MyBB allows an unauthenticated remote attacker to inject arbitrary SQL commands via an XML-RPC encoded document sent as part of the user registration process.
CVE-2014-8869 1 Tapatalk 1 Tapatalk 2024-02-28 4.3 MEDIUM N/A
Multiple cross-site scripting (XSS) vulnerabilities in mobiquo/smartbanner/welcome.php in the Tapatalk (com.tapatalk.wbb4) plugin 1.x before 1.1.2 for Woltlab Burning Board 4.0 allow remote attackers to inject arbitrary web script or HTML via the (1) app_android_id or (2) app_kindle_url parameter.
CVE-2014-8870 1 Tapatalk 1 Tapatalk 2024-02-28 5.8 MEDIUM N/A
Open redirect vulnerability in mobiquo/smartbanner/welcome.php in the Tapatalk (com.tapatalk.wbb4) plugin before 1.1.2 for Woltlab Burning Board 4.0 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the board_url parameter.
CVE-2014-5680 1 Tapatalk 1 Tapatalk 2024-02-28 5.4 MEDIUM N/A
The Tapatalk (aka com.quoord.tapatalkpro.activity) application 4.8.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.