CVE-2018-10515
In CMS Made Simple (CMSMS) through 2.2.7, the "file unpack" operation in the admin dashboard contains a remote code execution vulnerability exploitable by an admin user because a .php file can be present in...
The WebDorado "Form Maker by WD" plugin before 1.12.24 for WordPress allows CSV injection. Date published: 2018-04-27 https://www.exploit-db.com/exploits/44559/ Form Maker by 10Web – Mobile-Friendly Drag & Drop Contact Form Builder
An issue was discovered in index.php in baijiacms V4 v4_1_4_20170105. CSRF allows adding an administrator account via op=edituser, changing the administrator password via op=changepwd, or deleting an account via op=deleteuser. Date published: 2018-04-27...
An issue was discovered in Xen through 4.10.x allowing x86 HVM guest OS users (in certain configurations) to read arbitrary dom0 files via QMP live insertion of a CDROM, in conjunction with specifying the...
An issue was discovered in Xen through 4.10.x allowing x86 PV guest OS users to cause a denial of service (out-of-bounds zero write and hypervisor crash) via unexpected INT 80 processing, because of an...
b3log Symphony (aka Sym) 2.6.0 allows remote attackers to upload and execute arbitrary JSP files via the name[] parameter to the /upload URI. Date published: 2018-04-27 https://github.com/b3log/symphony/issues/620
Qemu before version 2.9 is vulnerable to an improper link following when built with the VirtFS. A privileged user inside guest could use this flaw to access host file system beyond the shared folder...
puppet-swift before versions 8.2.1, 9.4.4 is vulnerable to an information-disclosure in Red Hat OpenStack Platform director’s installation of Object Storage (swift). During installation, the Puppet script responsible for deploying the service incorrectly removes and...
IDM 4.6 Identity Applications prior to 4.6.2.1 may expose sensitive information. Date published: 2018-04-26 https://download.microfocus.com/Download?buildid=Xg1dZMVbBzs~
NetIQ Identity Reporting, in versions prior to 5.5 Service Pack 1, is susceptible to an XSS attack. Date published: 2018-04-26 https://download.microfocus.com/Download?buildid=iGYyq6xwjhE~&donotredirect=true
Users’ VPN authentication credentials are unsafely encrypted in Fortinet FortiClient for Windows 5.6.0 and below versions, FortiClient for Mac OSX 5.6.0 and below versions and FortiClient SSLVPN Client for Linux 4.4.2335 and below versions,...
IBM Security QRadar SIEM 7.2 and 7.3 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials...
IBM Security QRadar SIEM 7.2 and 7.3 could allow a remote attacker to traverse directories on the system. An attacker could send a specially-crafted URL request containing "dot dot" sequences (/../) to view arbitrary...
IBM Security QRadar SIEM 7.2 and 7.3 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the...