OI : Security Vulnerabilities, CVEs, CVSS score >= 5
The Minha Oi (aka br.com.mobicare.minhaoi) application 1.15.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
Max CVSS
5.4
EPSS Score
0.05%
Published
2014-09-17
Updated
2014-09-23
SQL injection vulnerability in index.php (aka the login page) in Oi! Email Marketing System 3.0 (aka Oi! 3) allows remote attackers to execute arbitrary SQL commands via the (1) Username and (2) Password fields.
Max CVSS
7.5
EPSS Score
0.60%
Published
2006-02-28
Updated
2018-10-18
2 vulnerabilities found