Cyberthreat Blog, Author at Cyberthreat Blog from Fortify24x7 Page 28251 of 28407

CVE-2015-2947

Posted by Cyberthreat Blog | Apr 13, 2017 | CVE Notifications |

KanColleViewer versions 3.8.1 and earlier operates as an open proxy which allows remote attackers to trigger outbound network traffic.

CVE-2017-7628

Posted by Cyberthreat Blog | Apr 12, 2017 | CVE Notifications |

The “Smart related articles” extension 1.1 for Joomla! has SQL injection in dialog.php (attacker must use search_cats variable in POST method to exploit this vulnerability).

CVE-2017-7626

Posted by Cyberthreat Blog | Apr 12, 2017 | CVE Notifications |

The “Smart related articles” extension 1.1 for Joomla! has XSS in dialog.php (n_art,type in GET Method).

CVE-2017-7627

Posted by Cyberthreat Blog | Apr 12, 2017 | CVE Notifications |

The “Smart related articles” extension 1.1 for Joomla! does not prevent direct requests to dialog.php (there is a missing _JEXEC check).

CVE-2016-4337

Posted by Cyberthreat Blog | Apr 12, 2017 | CVE Notifications |

SQL injection vulnerability in the mgr.login.php file in Ktools.net Photostore before 4.7.5 allows remote attackers to execute arbitrary SQL commands via the email parameter in a recover_login action.

Author: Cyberthreat Blog

CVE-2015-2947

CVE-2017-7628

CVE-2017-7626

CVE-2017-7627

CVE-2016-4337