Cyberthreat Blog, Author at Cyberthreat Blog from Fortify24x7 Page 28180 of 28407

CVE-2017-7991

Posted by Cyberthreat Blog | Apr 21, 2017 | CVE Notifications |

Exponent CMS 2.4.1 and earlier has SQL injection via a base64 serialized API key (apikey parameter) in the api function of framework/modules/eaas/controllers/eaasController.php.

CVE-2017-8052

Posted by Cyberthreat Blog | Apr 21, 2017 | CVE Notifications |

Craft CMS before 2.6.2974 allows XSS attacks.

CVE-2016-1198

Posted by Cyberthreat Blog | Apr 21, 2017 | CVE Notifications |

Photopt for Android before 2.0.1 does not verify SSL certificates.

CVE-2016-2433

Posted by Cyberthreat Blog | Apr 21, 2017 | CVE Notifications |

The Broadcom Wi-Fi driver for Android, as used by BlackBerry smartphones before Build AAE570, allows remote attackers to execute arbitrary code in the context of the kernel.

CVE-2016-1186

Posted by Cyberthreat Blog | Apr 21, 2017 | CVE Notifications |

Kintone mobile for Android 1.0.0 through 1.0.5 does not verify SSL server certificates.

Author: Cyberthreat Blog

CVE-2017-7991

CVE-2017-8052

CVE-2016-1198

CVE-2016-2433

CVE-2016-1186