Cross site scripting

A Cross-Site Scripting vulnerability in Fortinet FortiPortal versions 4.0.0 and below allows an attacker to execute unauthorized code or commands via the 'Name' and 'Description' inputs in the 'Add Revision Backup' functionality...

Open redirect

An open redirect vulnerability in Fortinet FortiPortal 4.0.0 and below allows attacker to execute unauthorized code or commands via the url parameter...

CVE-2017-3126

An Open Redirect vulnerability in Fortinet FortiAnalyzer 5.4.0 through 5.4.2 and FortiManager 5.4.0 through 5.4.2 allows attacker to execute unauthorized code or commands via the next parameter...

CVE-2017-3129

A Cross-Site Scripting vulnerability in Fortinet FortiWeb versions 5.7.1 and below allows attacker to execute unauthorized code or commands via an improperly sanitized POST parameter in the FortiWeb Site Publisher feature...

CVE-2017-3129

A Cross-Site Scripting vulnerability in Fortinet FortiWeb versions 5.7.1 and below allows attacker to execute unauthorized code or commands via an improperly sanitized POST parameter in the FortiWeb Site Publisher feature...

CVE-2017-7343

CVE-2017-7343 : The connected documents confirm a vulnerability in Fortinet FortiPortal ≤ 4.0.0 described as an open redirect via the url parameter . This could allow an attacker to cause unauthorized actions by redirecting or manipulating the request, with the NVD entry noting that an attacker c...

CVE-2017-7339

CVE-2017-7339 affects Fortinet FortiPortal 4.0.0 and earlier, where a cross-site scripting flaw exists in the Add Revision Backup function via the Name and Description inputs. The vulnerability enables an attacker to inject and execute script in the context of a logged-in user. The connected docu...

CVE-2017-3126

An Open Redirect vulnerability in Fortinet FortiAnalyzer 5.4.0 through 5.4.2 and FortiManager 5.4.0 through 5.4.2 allows attacker to execute unauthorized code or commands via the next parameter...

CVE-2017-7339

A Cross-Site Scripting vulnerability in Fortinet FortiPortal versions 4.0.0 and below allows an attacker to execute unauthorized code or commands via the 'Name' and 'Description' inputs in the 'Add Revision Backup' functionality...

Cross site scripting

A stored XSS Cross-Site-Scripting vulnerability in Fortinet FortiOS allows attackers to execute unauthorized code or commands via the policy global-label parameter...

CVE-2017-3128

A stored XSS Cross-Site-Scripting vulnerability in Fortinet FortiOS allows attackers to execute unauthorized code or commands via the policy global-label parameter...

CVE-2017-3128

A stored XSS Cross-Site-Scripting vulnerability in Fortinet FortiOS allows attackers to execute unauthorized code or commands via the policy global-label parameter...

Jenkins unauthorized code execution vulnerability analysis, updated the vulnerability of the environment, to detect script-vulnerability warning-the black bar safety net

A, summary CloudBees Jenkins 2.32.1 version exists in Java deserialization vulnerability, and ultimately can lead to remote code execution. Jenkins is a continuous integration continuous integration and continuous delivery system, can improve the software development process of the Central Africa...

Revive Ad Server 4.0.1 - Cross-Site Scripting / Cross-Site Request Forgery

--------------------------------------------------------------- Exploit Title: XSRF Stored Revive Ad Server 4.0.1 Date: 24/04/2017 Exploit Author: Cyril Vallicari / HTTPCS / ZIWIT Vendor Website : https://www.revive-adserver.com/ Software download : https://www.revive-adserver.com/download/...

Windows Elevation of Privilege Vulnerability

An elevation of privilege vulnerability exists when Microsoft Windows fails to properly sanitize handles in memory. An attacker who successfully exploited the vulnerability could run arbitrary code as System. An attacker could then install programs; view, change, or delete data; or create new...

CVE-2017-7625

In Fiyo CMS 2.x through 2.0.7, attackers may upload a webshell via the content parameter to "/dapur/apps/apptheme/libs/savefile.php" and then execute code...

fastjson remote code execution vulnerability technical analysis and protection solution-vulnerability warning-the black bar safety net

! 2017-year 3 December 15, fastjson official released a security Bulletin indicating fastjson in 1. 2. 24 and the prior version there is a remote code execution high-risk security vulnerabilities. An attacker can use this vulnerability to remotely execute malicious code to invade the server...

Privilege escalation

Privilege escalation vulnerability in Intel Security McAfee Application Control MAC 7.0 and 6.x versions allows attackers to cause DoS, unexpected behavior, or potentially unauthorized code execution via an unauthorized use of IOCTL call...

CVE-2016-8009

Privilege escalation vulnerability in Intel Security McAfee Application Control MAC 7.0 and 6.x versions allows attackers to cause DoS, unexpected behavior, or potentially unauthorized code execution via an unauthorized use of IOCTL call...

CVE-2016-8009

Privilege escalation vulnerability in Intel Security McAfee Application Control MAC 7.0 and 6.x versions allows attackers to cause DoS, unexpected behavior, or potentially unauthorized code execution via an unauthorized use of IOCTL call...