Cyberthreat Blog, Author at Cyberthreat Blog from Fortify24x7 Page 27122 of 28407

CVE-2017-1376

Posted by Cyberthreat Blog | Aug 28, 2017 | CVE Notifications |

A flaw in the IBM J9 VM class verifier allows untrusted code to disable the security manager and elevate its privileges. IBM X-Force ID: 126873.

CVE-2017-10842

Posted by Cyberthreat Blog | Aug 28, 2017 | CVE Notifications |

SQL injection vulnerability in the baserCMS 3.0.14 and earlier, 4.0.5 and earlier allows remote attackers to execute arbitrary SQL commands via unspecified vectors.

CVE-2017-10844

Posted by Cyberthreat Blog | Aug 28, 2017 | CVE Notifications |

baserCMS 3.0.14 and earlier, 4.0.5 and earlier allows an attacker to execute arbitrary PHP code on the server via unspecified vectors.

CVE-2017-10841

Posted by Cyberthreat Blog | Aug 28, 2017 | CVE Notifications |

Directory traversal vulnerability in WebCalendar 1.2.7 and earlier allows authenticated attackers to read arbitrary files via unspecified vectors.

CVE-2017-10843

Posted by Cyberthreat Blog | Aug 28, 2017 | CVE Notifications |

baserCMS version 3.0.14 and earlier, 4.0.5 and earlier allows remote attackers to delete arbitrary files via unspecified vectors when the “File” field is being used in the mail form.

Author: Cyberthreat Blog

CVE-2017-1376

CVE-2017-10842

CVE-2017-10844

CVE-2017-10841

CVE-2017-10843