Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Database Security

Careers and People

Identity & Access Management

Security Monitoring

Advanced Threats

Insider Threats

Vulnerability Management

To InformationWeek

Network Computing Dark Reading

Advertise

Author

Profile of Aamir Lakhani

Cybersecurity Researcher and Practitioner for FortiGuard Labs

News & Commentary Posts: 5

Aamir Lakhani formulates security strategy with more than 15 years of cybersecurity experience, his goal to make a positive impact toward the global war on cybercrime and information security. Lakhani provides thought leadership to industry and has presented research and strategy worldwide at premier security conferences. As a cybersecurity expert, his work has included meetings with leading political figures and key policy stakeholders who help define the future of cybersecurity.â€¯

Articles by Aamir Lakhani

View Content By Month

Building the Human Firewall

10/20/2020
Cybersecurity was a challenge before COVID-19 sent millions of employees home to work from their own devices and networks. Now what?
Post a Comment

IoT Security During COVID-19: What We've Learned & Where We're Going

8/7/2020
Vigilance and ongoing training combined with an integrated security framework are key aspects of a successful strategy in the fight against the latest crop of pandemic opportunists.
Post a Comment

Building Black Hat: Locking Down One Of The World’s Biggest Security Conferences

7/25/2016
For security pros, being asked to help secure Black Hat is like being asked to play on the Olympic basketball team.
Post a Comment

Securing Black Hat From Black Hat

8/14/2015
‘Dr. Chaos’ shares the inside scoop on the challenges and rewards of protecting one of the 'most hostile networks on the planet.'
Post a Comment

Editors' Choice

Manchester United Suffers Cyberattack

Dark Reading Staff 11/23/2020

As 'Anywhere Work' Evolves, Security Will Be Key Challenge

Robert Lemos, Contributing Writer, 11/23/2020

Cloud Security Startup Lightspin Emerges From Stealth

Kelly Sheridan, Staff Editor, Dark Reading, 11/24/2020

Get Your Pass | Interop Digital December 3rd FREE Event

Interop Digital December 3rd FREE Event on Cloud & Networking

More Informa Tech Live Events

White Papers

5 Key Steps for Assessing Your Security Effectiveness

Practical Advice for Choosing Your First (or Next) SIEM

Reducing Data Breach Risk From Your Remote Workforce

The State of Global Phishing

Managing OTT Content Distribution in the Connect World

More White Papers

Cartoon Contest

Write a Caption, Win an Amazon Gift Card! Click Here

Latest Comment: This comment is waiting for review by our moderators.

Cartoon Archive

Current Issue

2021 Top Enterprise IT Trends

We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!

Download This Issue!

Back Issues | Must Reads

Flash Poll

The Malware Threat Landscape

The Malware Threat Landscape

Download this report to learn about the real makeup of online threats, as reported by the defenders who see them every day.

How Data Breaches Affect the Enterprise (2020)

How IT Security Organizations are Attacking the Cybersecurity Problem

Special Report: Understanding Your Cyber Attackers

Twitter Feed

Tweets about "from:DarkReading OR @DarkReading"

Dark Reading - Bug Report

Bug Report

Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database

CVE-2017-15682
PUBLISHED: 2020-11-27

In Crafter CMS Crafter Studio 3.0.1 an unauthenticated attacker is able to inject malicious JavaScript code resulting in a stored/blind XSS in the admin panel.

CVE-2017-15683
PUBLISHED: 2020-11-27

In Crafter CMS Crafter Studio 3.0.1 an unauthenticated attacker is able to create a site with specially crafted XML that allows the retrieval of OS files out-of-band.

CVE-2017-15684
PUBLISHED: 2020-11-27

Crafter CMS Crafter Studio 3.0.1 has a directory traversal vulnerability which allows unauthenticated attackers to view files from the operating system.

CVE-2017-15685
PUBLISHED: 2020-11-27

Crafter CMS Crafter Studio 3.0.1 is affected by: XML External Entity (XXE). An unauthenticated attacker is able to create a site with specially crafted XML that allows the retrieval of OS files out-of-band.

CVE-2017-15686
PUBLISHED: 2020-11-27

Crafter CMS Crafter Studio 3.0.1 is affected by: Cross Site Scripting (XSS), which allows remote attackers to steal usersâ€™ cookies.

To save this item to your list of favorite Dark Reading content so you can find it later in your Profile page, click the "Save It" button next to the item.

If you found this interesting or useful, please use the links to the services below to share it with other readers. You will need a free account with each service to share an item via that service.
Tweet This
[close this box]