|
277711
|
- |
|
xen
|
xen
|
The emulation routines for unspecified X86 devices in Xen 3.2.x through 4.5.x does not properly initialize data, which allow local HVM guest users to obtain sensitive information via vectors involvin…
|
CWE-200
Information Exposure
|
CVE-2015-2044
|
2024-11-21 11:26 |
2015-03-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277712
|
- |
|
ajsquare
|
zeuscart
|
Multiple cross-site scripting (XSS) vulnerabilities in ZeusCart 4 allow remote attackers to inject arbitrary web script or HTML via the (1) schltr parameter in a brands action or (2) brand parameter …
|
CWE-79
Cross-site Scripting
|
CVE-2015-2182
|
2024-11-21 11:26 |
2015-03-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277713
|
- |
|
palosanto
|
elastix
|
SQL injection vulnerability in a2billing/customer/iridium_threed.php in Elastix 2.5.0 and earlier allows remote attackers to execute arbitrary SQL commands via the transactionID parameter.
|
CWE-89
SQL Injection
|
CVE-2015-1875
|
2024-11-21 11:26 |
2015-03-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277714
|
- |
|
ajsquare
|
zeuscart
|
ZeusCart 4 allows remote attackers to obtain configuration information via a getphpinfo action to admin/, which calls the phpinfo function.
|
CWE-200
Information Exposure
|
CVE-2015-2184
|
2024-11-21 11:26 |
2015-03-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277715
|
- |
|
zeuscart
|
zeuscart
|
Multiple SQL injection vulnerabilities in the administrative backend in ZeusCart 4 allow remote administrators to execute arbitrary SQL commands via the id parameter in a (1) disporders detail or (2)…
|
CWE-89
SQL Injection
|
CVE-2015-2183
|
2024-11-21 11:26 |
2015-03-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277716
|
- |
|
cfdbplugin
|
contact_form_db
|
Cross-site request forgery (CSRF) vulnerability in the Contact Form DB (aka CFDB and contact-form-7-to-database-extension) plugin before 2.8.32 for WordPress allows remote attackers to hijack the aut…
|
CWE-352
Origin Validation Error
|
CVE-2015-1874
|
2024-11-21 11:26 |
2015-03-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277717
|
- |
|
webgateinc
|
edvr_manager
|
Use-after-free vulnerability in the Connect function in the WESPMonitor.WESPMonitorCtrl.1 ActiveX control in WebGate eDVR Manager allows remote attackers to execute arbitrary code via an invalid IP a…
|
NVD-CWE-Other
|
CVE-2015-2096
|
2024-11-21 11:26 |
2015-03-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277718
|
- |
|
webgateinc
|
edvr_manager
|
Heap-based buffer overflow in the SetConnectInfo function in the WESPPTZ.WESPPTZCtrl.1 ActiveX control in WebGate eDVR Manager allows remote attackers to execute arbitrary code via crafted arguments.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-2095
|
2024-11-21 11:26 |
2015-03-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277719
|
- |
|
webgateinc
|
winrds
|
Stack-based buffer overflow in the WESPPlayback.WESPPlaybackCtrl.1 control in WebGate WinRDS allows remote attackers to execute arbitrary code via unspecified vectors to the (1) PrintSiteImage, (2) P…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-2094
|
2024-11-21 11:26 |
2015-03-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277720
|
- |
|
webgateinc
|
webeyeaudio
|
Stack-based buffer overflow in the Connect function in the WebGate WebEyeAudio ActiveX control allows remote attackers to execute arbitrary code via a crafted value.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-2093
|
2024-11-21 11:26 |
2015-03-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
