|
277671
|
- |
|
infinite_automation_systems
|
mango_automation
|
Multiple cross-site scripting (XSS) vulnerabilities in data_point_details.shtm in Mango Automation 2.4.0 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) dpid, (2…
|
CWE-79
Cross-site Scripting
|
CVE-2015-1179
|
2024-11-21 11:24 |
2015-01-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277672
|
- |
|
qualiteam
|
x-cart
|
Multiple cross-site scripting (XSS) vulnerabilities in cart.php in X-Cart 5.1.8 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) product_id or (2) category_id par…
|
CWE-79
Cross-site Scripting
|
CVE-2015-1178
|
2024-11-21 11:24 |
2015-01-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277673
|
- |
|
pxz_project
|
pxz
|
Race condition in pxz 4.999.99 Beta 3 uses weak file permissions for the output file when compressing a file before changing the permission to match the original file, which allows local users to byp…
|
CWE-362
Race Condition
|
CVE-2015-1200
|
2024-11-21 11:24 |
2015-01-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277674
|
- |
|
eventsentry
|
eventsentry
|
Cross-site scripting (XSS) vulnerability in the Web Reports in EventSentry 3.1.0 allows remote attackers to inject arbitrary web script or HTML via the pageId parameter to networktile/bullet.
|
CWE-79
Cross-site Scripting
|
CVE-2015-1180
|
2024-11-21 11:24 |
2015-01-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277675
|
- |
|
osticket
|
osticket
|
Cross-site scripting (XSS) vulnerability in upload/scp/tickets.php in osTicket before 1.9.5 allows remote attackers to inject arbitrary web script or HTML via the status parameter in a search action.
|
CWE-79
Cross-site Scripting
|
CVE-2015-1176
|
2024-11-21 11:24 |
2015-01-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277676
|
- |
|
canonical
google
chromium
|
ubuntu_linux
chrome
chromium
|
Multiple unspecified vulnerabilities in Google Chrome before 40.0.2214.91 allow attackers to cause a denial of service or possibly have other impact via unknown vectors.
|
NVD-CWE-noinfo
|
CVE-2015-1205
|
2024-11-21 11:24 |
2015-01-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277677
|
- |
|
prestashop
|
prestashop
|
Cross-site scripting (XSS) vulnerability in blocklayered-ajax.php in the blocklayered module in PrestaShop 1.6.0.9 and earlier allows remote attackers to inject arbitrary web script or HTML via the l…
|
CWE-79
Cross-site Scripting
|
CVE-2015-1175
|
2024-11-21 11:24 |
2015-01-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277678
|
- |
|
ipass
|
ipass_open_mobile
|
The client in iPass Open Mobile before 2.4.5 on Windows allows remote authenticated users to execute arbitrary code via a DLL pathname in a crafted Unicode string that is improperly handled by a subp…
|
CWE-94
Code Injection
|
CVE-2015-0925
|
2024-11-21 11:24 |
2015-01-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277679
|
- |
|
opensuse
oracle
gnu
|
opensuse
solaris
patch
|
GNU patch 2.7.1 allows remote attackers to write to arbitrary files via a symlink attack in a patch file.
|
CWE-59
Link Following
|
CVE-2015-1196
|
2024-11-21 11:24 |
2015-01-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277680
|
- |
|
openstack
|
image_registry_and_delivery_service_\(glance\)
|
The V2 API in OpenStack Image Registry and Delivery Service (Glance) before 2014.1.4 and 2014.2.x before 2014.2.2 allows remote authenticated users to read or delete arbitrary files via a full pathna…
|
CWE-22
Path Traversal
|
CVE-2015-1195
|
2024-11-21 11:24 |
2015-01-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
