UNIT4 TETA Mobile Edition (ME) before 29.5.HF17 was discovered to contain a SQL injection vulnerability via the ProfileName parameter in the errorReporting page.

Session fixation vulnerability in Unit4 Polska TETA Web (formerly TETA Galactica) 22.62.3.4 and earlier allows remote attackers to hijack web sessions via a session id.

Unit4 Polska TETA Web (formerly TETA Galactica) 22.62.3.4 does not properly restrict access to the (1) Design Mode and (2) Debug Logger mode modules, which allows remote attackers to gain privileges via crafted "received parameters."

The Hunting Trophy Whitetails (aka com.wHuntingTrophyWhitetails) application 0.75.13441.88885 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

Multiple untrusted search path vulnerabilities in e-press ONE Office E-NoteTaker and E-Zip allow local users to gain privileges via a Trojan horse (1) mfc71enu.dll or (2) mfc71loc.dll file in the current working directory, as demonstrated by a directory that contains a .txt, .rar, or .tar file. NOTE: some of these details are obtained from third party information.