Filtered by vendor Ipswitch Subscriptions
Filtered by product Moveit Mobile Subscriptions
Total 3 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2015-7679 1 Ipswitch 1 Moveit Mobile 2024-11-21 N/A
Cross-site scripting (XSS) vulnerability in Ipswitch MOVEit Mobile before 1.2.2 allows remote attackers to inject arbitrary web script or HTML via the query string to mobile/.
CVE-2015-7678 1 Ipswitch 1 Moveit Mobile 2024-11-21 N/A
Multiple cross-site request forgery (CSRF) vulnerabilities in Ipswitch MOVEit Mobile 1.2.0.962 and earlier allow remote attackers to hijack the authentication of unspecified victims via unknown vectors.
CVE-2015-7675 1 Ipswitch 2 Moveit Dmz, Moveit Mobile 2024-11-21 N/A
The "Send as attachment" feature in Ipswitch MOVEit DMZ before 8.2 and MOVEit Mobile before 1.2.2 allow remote authenticated users to bypass authorization and read uploaded files via a valid FileID in the (1) serverFileIds parameter to mobile/sendMsg or (2) arg01 parameter to human.aspx.