Cyberthreat Blog, Author at Cyberthreat Blog from Fortify24x7 Page 28123 of 28407

CVE-2017-8101

Posted by Cyberthreat Blog | Apr 24, 2017 | CVE Notifications |

There is CSRF in Serendipity 2.0.5, allowing attackers to install any themes via a GET request.

CVE-2016-4313

Posted by Cyberthreat Blog | Apr 24, 2017 | CVE Notifications |

Directory traversal vulnerability in unzip/extract feature in eXtplorer 2.1.9 allows remote attackers to execute arbitrary files via a .. (dot dot) in an archive file.

CVE-2016-3691

Posted by Cyberthreat Blog | Apr 24, 2017 | CVE Notifications |

Routes in Kallithea before 0.3.2 allows remote attackers to bypass the CSRF protection by using the GET HTTP request method.

CVE-2015-7570

Posted by Cyberthreat Blog | Apr 24, 2017 | CVE Notifications |

Multiple server-side request forgery (SSRF) vulnerabilities in Yeager CMS 1.2.1 allow remote attackers to trigger outbound requests and enumerate open ports via the dbhost parameter to...

CVE-2016-3114

Posted by Cyberthreat Blog | Apr 24, 2017 | CVE Notifications |

Kallithea before 0.3.2 allows remote authenticated users to edit or delete open pull requests or delete comments by leveraging read access.

Author: Cyberthreat Blog

CVE-2017-8101

CVE-2016-4313

CVE-2016-3691

CVE-2015-7570

CVE-2016-3114