
CVSS: 10.0 • EPSS: 0% • CPEs: 1 • EXPL: 1

23 Mar 2018 — Analysis of the Bomgar Remote Support Portal JavaStart.jar Applet 52790 and earlier revealed a path traversal vulnerability. The archive can be downloaded from a given Bomgar Remote Support Portal deployment at https://domain/api/content/JavaStart.jar and is callable from an arbitrary website using and/or tags. Successful exploitation results in file creation/modification/deletion in the operating system with the privileges of the user that ran the Java applet.... • https://packetstorm.news/files/id/146873 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVSS: 9.8 • EPSS: 12% • CPEs: 1 • EXPL: 2

25 May 2015 — Bomgar Remote Support before 15.1.1 allows remote attackers to execute arbitrary PHP code via crafted serialized data to unspecified PHP scripts. • https://packetstorm.news/files/id/137508 • CWE-94: Improper Control of Generation of Code ('Code Injection')