Cyberthreat Blog, Author at Cyberthreat Blog from Fortify24x7 Page 27052 of 28407

CVE-2017-12906

Posted by Cyberthreat Blog | Sep 7, 2017 | CVE Notifications |

Multiple cross-site scripting (XSS) vulnerabilities in NexusPHP allow remote attackers to inject arbitrary web script or HTML via the PATH_INFO to (1) cheaters.php or (2) confirm_resend.php.

CVE-2016-0732

Posted by Cyberthreat Blog | Sep 7, 2017 | CVE Notifications |

The identity zones feature in Pivotal Cloud Foundry 208 through 229; UAA 2.0.0 through 2.7.3 and 3.0.0; UAA-Release 2 through 4, when configured with multiple identity zones; and Elastic Runtime 1.6.0 through 1.6.13 allows...

CVE-2017-6362

Posted by Cyberthreat Blog | Sep 7, 2017 | CVE Notifications |

Double free vulnerability in the gdImagePngPtr function in libgd2 before 2.2.5 allows remote attackers to cause a denial of service via vectors related to a palette with no colors.

CVE-2015-3250

Posted by Cyberthreat Blog | Sep 7, 2017 | CVE Notifications |

Apache Directory LDAP API before 1.0.0-M31 allows attackers to conduct timing attacks via unspecified vectors.

CVE-2017-12838

Posted by Cyberthreat Blog | Sep 7, 2017 | CVE Notifications |

Cross-site request forgery (CSRF) vulnerability in NexusPHP 1.5 allows remote attackers to hijack the authentication of users for requests that (1) send manas via a request to mybonus.php or (2) add administrators via...

Author: Cyberthreat Blog

CVE-2017-12906

CVE-2016-0732

CVE-2017-6362

CVE-2015-3250

CVE-2017-12838