Show filters
16 Total Results
Displaying 11-16 of 16
Sort by:
Attacker Value
Unknown
CVE-2017-18484
Disclosure Date: August 08, 2019 (last updated November 27, 2024)
Cognitoys Dino devices allow XSS via the SSID.
0
Attacker Value
Unknown
CVE-2014-7633
Disclosure Date: October 21, 2014 (last updated October 05, 2023)
The Dino Zoo (aka com.tappocket.dinozoostar) application 1.5 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
0
Attacker Value
Unknown
CVE-2014-6997
Disclosure Date: October 16, 2014 (last updated October 05, 2023)
The Dino Village (aka com.tappocket.dinovillage) application 1.6 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
0
Attacker Value
Unknown
CVE-2002-1133
Disclosure Date: October 04, 2002 (last updated February 22, 2025)
Encoded directory traversal vulnerability in Dino's web server 2.1 allows remote attackers to read arbitrary files via ".." (dot dot) sequences with URL-encoded (1) "/" (%2f") or (2) "\" (%5c) characters.
0
Attacker Value
Unknown
CVE-2002-0291
Disclosure Date: May 31, 2002 (last updated February 22, 2025)
Dino's Webserver 1.2 allows remote attackers to cause a denial of service (CPU consumption) and possibly execute arbitrary code via several large HTTP requests within a short time.
0
Attacker Value
Unknown
CVE-2002-0111
Disclosure Date: March 25, 2002 (last updated February 22, 2025)
Directory traversal vulnerability in Funsoft Dino's Webserver 1.2 and earlier allows remote attackers to read files or execute arbitrary commands via a .. (dot dot) in the URL.
0
