Author Archives: CIRT Team



CIRT Team

in Security Advisories & Alerts

Magento < 2.0.6 - Unauthenticated Arbitrary Unserialize -> Arbitrary Write File

Description: CVE-2016-4010: Magento CE and EE before 2.0.6 allows remote attackers to conduct PHP objection injection attacks and execute arbitrary PHP code via crafted serialized shopping cart data. Impact:  Magento e-commerce platform is vulnerable to an unauthenticated arbitrary file write vulnerability. Attackers can exploit this issue to gain administrative access...

Read more

0
06 Mar 2017
in Security Advisories & Alerts

Joomla! 3.4.4 < 3.6.4 - Account Creation / Privilege Escalation vulnerability

Description: CVE-2016-8869: The register method in the UsersModelRegistration class in controllers/user.php in the Users component in Joomla! before 3.6.4 allows remote attackers to gain privileges by leveraging incorrect use of unfiltered data when registering on a site. CVE-2016-8870: The register method in the UsersModelRegistration class in controllers/user.php in the Users...

Read more

0
06 Mar 2017
Page 127 of 128« First...102030...124125126127128