Cyberthreat Blog, Author at Cyberthreat Blog from Fortify24x7 Page 28125 of 28407

CVE-2017-8103

Posted by Cyberthreat Blog | Apr 24, 2017 | CVE Notifications |

In MyBB before 1.8.11, the Email MyCode component allows XSS, as demonstrated by an onmouseover event.

CVE-2017-8104

Posted by Cyberthreat Blog | Apr 24, 2017 | CVE Notifications |

In MyBB before 1.8.11, the smilie module allows Directory Traversal via the pathfolder parameter.

CVE-2017-8100

Posted by Cyberthreat Blog | Apr 24, 2017 | CVE Notifications |

There is CSRF in the CopySafe Web Protection plugin before 2.6 for WordPress, allowing attackers to change plugin settings.

CVE-2017-7723

Posted by Cyberthreat Blog | Apr 24, 2017 | CVE Notifications |

XSS exists in Easy WP SMTP (before 1.2.5), a WordPress Plugin, via the e-mail subject or body.

CVE-2017-8102

Posted by Cyberthreat Blog | Apr 24, 2017 | CVE Notifications |

Stored XSS in Serendipity v2.1-rc1 allows an attacker to steal an admin’s cookie and other information by composing a new entry as an editor user. This is related to lack of the serendipity_event_xsstrust plugin and a...

Author: Cyberthreat Blog

CVE-2017-8103

CVE-2017-8104

CVE-2017-8100

CVE-2017-7723

CVE-2017-8102