Cyberthreat Blog, Author at Cyberthreat Blog from Fortify24x7 Page 27388 of 28407

CVE-2017-12200

Posted by Cyberthreat Blog | Aug 2, 2017 | CVE Notifications |

The Etoile Ultimate Product Catalog plugin 4.2.11 for WordPress has XSS in the Add Product Manually component.

CVE-2017-12141

Posted by Cyberthreat Blog | Aug 2, 2017 | CVE Notifications |

In ytnef 1.9.2, a heap-based buffer overflow vulnerability was found in the function TNEFFillMapi in ytnef.c, which allows attackers to cause a denial of service via a crafted file.

CVE-2017-12144

Posted by Cyberthreat Blog | Aug 2, 2017 | CVE Notifications |

In ytnef 1.9.2, an allocation failure was found in the function TNEFFillMapi in ytnef.c, which allows attackers to cause a denial of service via a crafted file.

CVE-2017-12138

Posted by Cyberthreat Blog | Aug 2, 2017 | CVE Notifications |

XOOPS Core 2.5.8 has a stored URL redirect bypass vulnerability in /modules/profile/index.php because of the URL filter.

CVE-2017-12199

Posted by Cyberthreat Blog | Aug 2, 2017 | CVE Notifications |

The Etoile Ultimate Product Catalog plugin 4.2.11 for WordPress has SQL injection with these wp-admin/admin-ajax.php POST actions: catalogue_update_order list-item, video_update_order video-item, image_update_order list-item,...

Author: Cyberthreat Blog

CVE-2017-12200

CVE-2017-12141

CVE-2017-12144

CVE-2017-12138

CVE-2017-12199