|
277131
|
6.1 |
MEDIUM
Network
|
web-mv
|
resads
|
Multiple cross-site scripting (XSS) vulnerabilities in (1) templates/admanagement/admanagement.php and (2) templates/adspot/adspot.php in the ResAds plugin before 1.0.2 for WordPress allow remote att…
|
CWE-79
Cross-site Scripting
|
CVE-2015-7667
|
2024-11-21 11:37 |
2017-12-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277132
|
6.1 |
MEDIUM
Network
|
codepeople
|
payment_form_for_paypal_pro
|
Multiple cross-site scripting (XSS) vulnerabilities in the (1) cp_updateMessageItem and (2) cp_deleteMessageItem functions in cp_ppp_admin_int_message_list.inc.php in the Payment Form for PayPal Pro …
|
CWE-79
Cross-site Scripting
|
CVE-2015-7666
|
2024-11-21 11:37 |
2017-12-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277133
|
5.4 |
MEDIUM
Network
|
taxonomy_find_project
|
taxonomy_find
|
Cross-site scripting (XSS) vulnerability in the Taxonomy Find module 6.x-2.x through 6.x-1.2 and 7.x-2.x through 7.x-1.0 in Drupal allows remote authenticated users with certain permissions to inject…
|
CWE-79
Cross-site Scripting
|
CVE-2015-7878
|
2024-11-21 11:37 |
2017-11-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277134
|
6.1 |
MEDIUM
Network
|
drupal
jquery_update_project
labjs_project
|
drupal
jquery_update
labjs
|
Open redirect vulnerability in the Overlay module in Drupal 7.x before 7.41, the jQuery Update module 7.x-2.x before 7.x-2.7 for Drupal, and the LABjs module 7.x-1.x before 7.x-1.8 allows remote atta…
|
CWE-601
Open Redirect
|
CVE-2015-7943
|
2024-11-21 11:37 |
2017-10-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277135
|
8.8 |
HIGH
Network
|
realtyna
|
realtyna_property_listing
|
Cross-site request forgery (CSRF) vulnerability in the Realtyna RPL (com_rpl) component before 8.9.5 for Joomla! allows remote attackers to hijack the authentication of administrators for requests th…
|
CWE-352
Origin Validation Error
|
CVE-2015-7715
|
2024-11-21 11:37 |
2017-10-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277136
|
7.2 |
HIGH
Network
|
realtyna
|
realtyna_property_listing
|
Multiple SQL injection vulnerabilities in the Realtyna RPL (com_rpl) component before 8.9.5 for Joomla! allow remote administrators to execute arbitrary SQL commands via the (1) id, (2) copy_field in…
|
CWE-89
SQL Injection
|
CVE-2015-7714
|
2024-11-21 11:37 |
2017-10-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277137
|
9.8 |
CRITICAL
Network
|
form_manager_project
|
form_manager
|
Eval injection vulnerability in the fm_saveHelperGatherItems function in ajax.php in the Form Manager plugin before 1.7.3 for WordPress allows remote attackers to execute arbitrary code via unspecifi…
|
CWE-77
Command Injection
|
CVE-2015-7806
|
2024-11-21 11:37 |
2017-10-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277138
|
9.8 |
CRITICAL
Network
|
openbsd
fedoraproject
|
opensmtpd
fedora
|
Use-after-free vulnerability in OpenSMTPD before 5.7.2 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via vectors involving req_ca_vrfy_smtp and req_ca_vrfy_mt…
|
CWE-416
Use After Free
|
CVE-2015-7687
|
2024-11-21 11:37 |
2017-10-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277139
|
5.9 |
MEDIUM
Network
|
gurunavi
|
gournavi
|
Gurunavi App for iOS before 6.0.0 does not verify SSL certificates which could allow remote attackers to perform man-in-the-middle attacks.
|
CWE-295
Improper Certificate Validation
|
CVE-2015-7778
|
2024-11-21 11:37 |
2017-10-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277140
|
7.1 |
HIGH
Network
|
huawei
|
rh2288_v3_firmware
rh2288h_v3_firmware
xh628_v3_firmware
rh1288_v3_firmware
rh2288a_v2_firmware
rh1288a_v2_firmware
rh8100_v3_firmware
ch222_v3_firmware
ch220_v3_firmware
c…
|
Huawei FusionServer rack servers RH2288 V3 with software before V100R003C00SPC603, RH2288H V3 with software before V100R003C00SPC503, XH628 V3 with software before V100R003C00SPC602, RH1288 V3 with s…
|
CWE-275
Permission Issues
|
CVE-2015-7842
|
2024-11-21 11:37 |
2017-10-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
