|
277431
|
- |
|
mysql-lite-administrator_project
|
mysql-lite-administrator
|
Multiple cross-site scripting (XSS) vulnerabilities in MySql Lite Administrator (mysql-lite-administrator) beta-1 allow remote attackers to inject arbitrary web script or HTML via the table_name para…
|
CWE-79
Cross-site Scripting
|
CVE-2015-5064
|
2024-11-21 11:32 |
2015-06-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277432
|
- |
|
silverstripe
|
silverstripe
|
Multiple cross-site scripting (XSS) vulnerabilities in SilverStripe CMS & Framework 3.1.13 allow remote attackers to inject arbitrary web script or HTML via the (1) admin_username or (2) admin_passwo…
|
CWE-79
Cross-site Scripting
|
CVE-2015-5063
|
2024-11-21 11:32 |
2015-06-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277433
|
- |
|
silverstripe
|
silverstripe
|
Open redirect vulnerability in SilverStripe CMS & Framework 3.1.13 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the returnURL parameter t…
|
NVD-CWE-Other
|
CVE-2015-5062
|
2024-11-21 11:32 |
2015-06-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277434
|
- |
|
zohocorp
|
manageengine_assetexplorer
|
Cross-site scripting (XSS) vulnerability in Zoho ManageEngine AssetExplorer 6.1 service pack 6112 and earlier allows remote authenticated users with permissions to add new vendors to inject arbitrary…
|
CWE-79
Cross-site Scripting
|
CVE-2015-5061
|
2024-11-21 11:32 |
2015-06-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277435
|
9.8 |
CRITICAL
Network
|
pexip
|
pexip_infinity
|
The client API authentication mechanism in Pexip Infinity before 10 allows remote attackers to gain privileges via a crafted request.
|
CWE-269
Improper Privilege Management
|
CVE-2015-4719
|
2024-11-21 11:31 |
2020-09-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277436
|
7.5 |
HIGH
Network
|
mongodb
fedoraproject
|
bson
fedora
|
The Moped::BSON::ObjecId.legal? method in mongodb/bson-ruby before 3.0.4 as used in rubygem-moped allows remote attackers to cause a denial of service (worker resource consumption) via a crafted stri…
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2015-4411
|
2024-11-21 11:31 |
2020-02-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277437
|
7.5 |
HIGH
Network
|
moped_project
fedoraproject
|
moped
fedora
|
The Moped::BSON::ObjecId.legal? method in rubygem-moped before commit dd5a7c14b5d2e466f7875d079af71ad19774609b allows remote attackers to cause a denial of service (worker resource consumption) or pe…
|
CWE-20
Improper Input Validation
|
CVE-2015-4410
|
2024-11-21 11:31 |
2020-02-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277438
|
4.9 |
MEDIUM
Network
|
owncloud
|
owncloud
|
The fetch function in OAuth/Curl.php in Dropbox-PHP, as used in ownCloud Server before 6.0.8, 7.x before 7.0.6, and 8.x before 8.0.4 when an external Dropbox storage has been mounted, allows remote a…
|
CWE-552
Files or Directories Accessible to External Parties
|
CVE-2015-4715
|
2024-11-21 11:31 |
2020-02-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277439
|
8.8 |
HIGH
Network
|
dedecms
|
dedecms
|
A file upload issue exists in DeDeCMS before 5.7-sp1, which allows malicious users getshell.
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2015-4553
|
2024-11-21 11:31 |
2020-01-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277440
|
5.4 |
MEDIUM
Network
|
cloudera
|
cloudera_manager
|
Multiple cross-site scripting (XSS) vulnerabilities in the Cloudera Manager UI before 5.4.3 allow remote authenticated users to inject arbitrary web script or HTML using unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2015-4457
|
2024-11-21 11:31 |
2019-11-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
