Cyberthreat Blog, Author at Cyberthreat Blog from Fortify24x7 Page 27501 of 28407

CVE-2017-11416

Posted by Cyberthreat Blog | Jul 18, 2017 | CVE Notifications |

Fiyo CMS 2.0.7 has SQL injection in /apps/app_comment/controller/insert.php via the name parameter.

CVE-2017-11418

Posted by Cyberthreat Blog | Jul 18, 2017 | CVE Notifications |

Fiyo CMS 2.0.7 has SQL injection in dapur/apps/app_article/controller/article_list.php via $GET[‘cat’], $_GET[‘user’], $_GET[‘level’], and $_GET[‘iSortCol’.$i].

CVE-2017-11419

Posted by Cyberthreat Blog | Jul 18, 2017 | CVE Notifications |

Fiyo CMS 2.0.7 has SQL injection in /apps/app_article/controller/editor.php via $_POST[‘id’] and $_POST[‘art_title’].

Investigation of BitTorrent Sync (v.2.0) as a P2P Cloud Service (Part 4 ? Windows Thumbnail Cache, Registry, Prefetch Files, and Link Files artefacts), (Tue, Jul 18th)

Posted by Cyberthreat Blog | Jul 18, 2017 | SANS ISC Bulletins |

[This is fourth guest diary by Dr.Ali Dehghantanha. Previous diaries in the series are: Investigation of BitTorrent Sync (v.2.0) as a P2P Cloud (Part 1) Investigation of BitTorrent Sync (v.2.0) as a P2P Cloud Service (Part 2 ?...

CVE-2017-11403

Posted by Cyberthreat Blog | Jul 17, 2017 | CVE Notifications |

The ReadMNGImage function in coders/png.c in GraphicsMagick 1.3.26 has an out-of-order CloseBlob call, resulting in a use-after-free via a crafted file.

Author: Cyberthreat Blog

CVE-2017-11416

CVE-2017-11418

CVE-2017-11419

Investigation of BitTorrent Sync (v.2.0) as a P2P Cloud Service (Part 4 ? Windows Thumbnail Cache, Registry, Prefetch Files, and Link Files artefacts), (Tue, Jul 18th)

CVE-2017-11403