Vulnerabilities > CVE-2022-22792 - Unspecified vulnerability in Mobisoft - Mobiplus Project Mobisoft - Mobiplus
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
HIGH Integrity impact
NONE Availability impact
NONE Summary
MobiSoft - MobiPlus User Take Over and Improper Handling of url Parameters Attacker can navigate to specific url which will expose all the users and password in clear text. http://IP/MobiPlusWeb/Handlers/MainHandler.ashx?MethodName=GridData&GridName=Users
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |