Author Topic: Rules Updates: Changelog  (Read 29712 times)

Offline Serhyo

  • Moderator
  • Comodo Family Member
  • *****
  • Posts: 69
Re: Rules Updates: Changelog
« Reply #120 on: August 29, 2017, 11:29:31 AM »
2017.08.29
Rules for: Apache, LiteSpeed, Nginx, IIS
Version 1.136


- XSS vulnerability in Etoile Ultimate Product Catalog plugin 4.2.11 for WordPress (CVE-2017-12200)
- CSRF vulnerability in Clean Login plugin before 1.8 for WordPress (CVE-2017-8875)
- Possible arbitrary code execution in Cacti before 1.1.16 (CVE-2017-12065)
- CSRF vulnerability in the BigTree CMS through 4.2.18 (CVE-2017-9379)
- XSS vulnerability in XOOPS Core 2.5.8 (CVE-2017-12139)
- SQL injection vulnerability in Fiyo CMS 2.0.7 (CVE-2017-11412)
- CSRF vulnerability in the BigTree CMS through 4.2.17 (CVE-2017-7881)
- bl_domains update

Offline Serhyo

  • Moderator
  • Comodo Family Member
  • *****
  • Posts: 69
Re: Rules Updates: Changelog
« Reply #121 on: September 05, 2017, 11:14:41 AM »
2017.09.05
Rules for: Apache, LiteSpeed, Nginx, IIS
Version 1.137


- XSS vulnerability in Etoile Ultimate Product Catalog plugin 4.2.11 for WordPress (CVE-2017-12200)
- XSS vulnerability in Easy Testimonials plugin 3.0.4 for WordPress (CVE-2017-12131)
- CSRF vulnerability in WHIZZ plugin before 1.1.1 for WordPress (CVE-2017-8099)
- SQL injection vulnerability in the Podlove Podcast Publisher plugin 2.5.3 for WordPress (CVE-2017-12949)
- SQL injection vulnerability in Easy Modal plugin before 2.1.0 for WordPress (CVE-2017-12946,CVE-2017-12947)
- SQL injection vulnerability in Web-Dorado Photo Gallery by WD - Responsive Photo Gallery plugin before 1.3.51 for WordPress (CVE-2017-12977)
- XSS vulnerability in Cacti 1.1.17 (CVE-2017-12927)
- SQL injection vulnerability in Fiyo CMS 2.0.7 (CVE-2017-11417)
- bl_domains update

Offline Serhyo

  • Moderator
  • Comodo Family Member
  • *****
  • Posts: 69
Re: Rules Updates: Changelog
« Reply #122 on: September 20, 2017, 11:52:16 AM »
2017.09.20
Rules for: Apache, LiteSpeed, Nginx, IIS
Version 1.138


- XSS vulnerability in Participants Database plugin before 1.7.5.10 for WordPress (CVE-2017-14126)
- XSS vulnerability in the Photocrati NextGEN Gallery plugin 2.1.15 for WordPress (CVE-2015-9229)
- Unrestricted file upload vulnerability in the Photocrati NextGEN Gallery plugin 2.1.10 for WordPress (CVE-2015-9228)
- SQLi vulnerability in Photocrati image-gallery-with-slideshow v1.5.2 plugin for WordPress (CVE-2017-1002012)
- SQL injection vulnerability in Dolibarr ERP/CRM version 6.0.0 (CVE-2017-14242)
- SQL injection vulnerability in Dolibarr ERP/CRM version 6.0.0 (CVE-2017-14238)
- bl_domains update

 

Seo4Smf 2.0 © SmfMod.Com Smf Destek