CWE-22 – WindowsTechs.com

VU#168699: dotCMS contains multiple vulnerabilities

Posted on March 6, 2017 by CERT

The dotCMS administration panel is vulnerable to cross-site request forgery,and the"Push Publishing"feature in Enterprise Pro is vulnerable to path traversal and arbitrary file upload. dotCMS versions 3.7.1 and earlier are affected. Continue reading VU#168699: dotCMS contains multiple vulnerabilities→

VU#603047: Crestron AirMedia AM-100 contains multiple vulnerabilities

Posted on August 1, 2016 by CERT

The Crestron AirMedia AM-100 with firmware prior to version 1.4.0.13 is vulnerable to path traversal and command injection. Continue reading VU#603047: Crestron AirMedia AM-100 contains multiple vulnerabilities→