October 2021 Page 7 of 357 | Cyberthreat Blog from Fortify24x7

CVE-2021-41874

Posted by Cyberthreat Blog | Oct 29, 2021 | CVE Notifications |

An unauthorized access vulnerabiitly exists in all versions of Portainer, which could let a malicious user obtain sensitive information.

CVE-2021-41748

Posted by Cyberthreat Blog | Oct 29, 2021 | CVE Notifications |

An Incorrect Access Control issue exists in all versions of Portainer.via an unauthorized access vulnerability. The vulnerability is also CNVD-2021-49547

CVE-2021-41646

Posted by Cyberthreat Blog | Oct 29, 2021 | CVE Notifications |

Remote Code Execution (RCE) vulnerability exists in Sourcecodester Online Reviewer System 1.0 by uploading a maliciously crafted PHP file that bypasses the image upload filters..

CVE-2021-41746

Posted by Cyberthreat Blog | Oct 29, 2021 | CVE Notifications |

SQL Injection vulnerability exists in all versions of Yonyou TurboCRM.via the orgcode parameter in changepswd.php. Attackers can use the vulnerabilities to obtain sensitive database information.

CVE-2021-3756

Posted by Cyberthreat Blog | Oct 29, 2021 | CVE Notifications |

libmysofa is vulnerable to Heap-based Buffer Overflow

Month: October 2021

CVE-2021-41874

CVE-2021-41748

CVE-2021-41646

CVE-2021-41746

CVE-2021-3756