Schlagwort: Englisch

Trovent Security GmbH discovered that the GroupWise web application transmits the session ID in HTTP GET requests in the URL when email content is accessed.

Trovent Security GmbH discovered that the application stores the username and password in clear text in a file on the mobile device.

Trovent Security GmbH discovered a user account enumeration vulnerability in the password reset function of the Zepp mobile application.

Trovent Security GmbH discovered a user account enumeration vulnerability in the password reset function of the Vivellio mobile application.

Trovent Security GmbH discovered an SQL injection vulnerability in the search function of the calendar module.

Trovent Security GmbH discovered that the Dolibarr application does not escape “greater than” and “smaller than” characters if they are reflected in one of the small pop-up windows with details of the object.

Trovent Security discovered that the Dolibarr application on default settings allows remote code execution in the website builder module.

Trovent Security GmbH discovered that the Dolibarr application does not escape "greater than" and "smaller than" characters if they are reflected in one of the small pop-up windows with details of the object.

Trovent Security GmbH discovered an inconsistency between the API and the client of HealthForYou & Sanitas HealthCoach.

Trovent Security GmbH discovered that the VeryFitPro mobile application performs all communication with the backend API via cleartext HTTP.

Trovent Security GmbH discovered a vulnerability in the server API of the mobile apps Sanitas HealthCoach and HealthForYou