Cyberthreat Blog, Author at Cyberthreat Blog from Fortify24x7 Page 28253 of 28407

CVE-2016-1179

Posted by Cyberthreat Blog | Apr 12, 2017 | CVE Notifications |

Cross-site scripting (XSS) vulnerability in the standard template of the comment functionality in appleple a-blog cms 2.6.0.1 and earlier allows remote attackers to inject arbitrary web script or HTML.

CVE-2016-4897

Posted by Cyberthreat Blog | Apr 12, 2017 | CVE Notifications |

Multiple cross-site scripting (XSS) vulnerabilities in (1) filter/save_forward.cgi, (2) filter/save.cgi, (3) /man/search.cgi in Usermin before 1.690.

CVE-2016-4893

Posted by Cyberthreat Blog | Apr 12, 2017 | CVE Notifications |

SQL injection vulnerability in SetucoCMS.

CVE-2017-7284

Posted by Cyberthreat Blog | Apr 12, 2017 | CVE Notifications |

An attacker that has hijacked a Unitrends Enterprise Backup (before 9.1.2) web server session can leverage api/includes/users.php to change the password of the logged in account without knowing the current password. This allows...

CVE-2016-4895

Posted by Cyberthreat Blog | Apr 12, 2017 | CVE Notifications |

SetucoCMS allows remote authenticated users to execute arbitrary code.

Author: Cyberthreat Blog

CVE-2016-1179

CVE-2016-4897

CVE-2016-4893

CVE-2017-7284

CVE-2016-4895