Vulnerabilities > Tapatalk > Tapatalk > 1.0.0
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2017-10-26 | CVE-2014-2023 | SQL Injection vulnerability in Tapatalk Multiple SQL injection vulnerabilities in the Tapatalk plugin 4.9.0 and earlier and 5.x through 5.2.1 for vBulletin allow remote attackers to execute arbitrary SQL commands via a crafted xmlrpc API request to (1) unsubscribe_forum.php or (2) unsubscribe_topic.php in mobiquo/functions/. | 7.5 |
2015-01-15 | CVE-2014-8870 | Arbitrary URI Redirection vulnerability in Tapatalk for WoltLab Burning Board Open redirect vulnerability in mobiquo/smartbanner/welcome.php in the Tapatalk (com.tapatalk.wbb4) plugin before 1.1.2 for Woltlab Burning Board 4.0 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the board_url parameter. network tapatalk | 5.8 |
2015-01-15 | CVE-2014-8869 | Cross-site Scripting vulnerability in Tapatalk Multiple cross-site scripting (XSS) vulnerabilities in mobiquo/smartbanner/welcome.php in the Tapatalk (com.tapatalk.wbb4) plugin 1.x before 1.1.2 for Woltlab Burning Board 4.0 allow remote attackers to inject arbitrary web script or HTML via the (1) app_android_id or (2) app_kindle_url parameter. | 4.3 |