2 matches found
CVE-2015-0935
Bomgar Remote Support prior to 15.1.1 is vulnerable to arbitrary PHP code execution via crafted serialized data that is deserialized by the application. The root cause is improper handling of untrusted serialized input (PHP unserialize) in the Bomgar portal, enabling an attacker to execute code i...
CVE-2017-12815
CVE-2017-12815 concerns a path traversal vulnerability in Bomgar Remote Support Portal’s JavaStart.jar Applet (versions 52790 and earlier). The underlying issue is in App.class, which uses the attacker-controlled URL parameter to construct a File() path, allowing creation/modification/deletion of...