|
278521
|
- |
|
wpml
|
wpml
|
The WPML plugin before 3.1.9 for WordPress does not properly handle multiple actions in a request, which allows remote attackers to bypass nonce checks and perform arbitrary actions via a request con…
|
CWE-284
Improper Access Control
|
CVE-2015-2792
|
2024-11-21 11:28 |
2015-03-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278522
|
- |
|
wpml
|
wpml
|
The "menu sync" function in the WPML plugin before 3.1.9 for WordPress allows remote attackers to delete arbitrary posts, pages, and menus via a crafted request to sitepress-multilingual-cms/menu/men…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-2791
|
2024-11-21 11:28 |
2015-03-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278523
|
- |
|
foxitsoftware
|
enterprise_reader
foxit_reader
phantompdf
|
Foxit Reader, Enterprise Reader, and PhantomPDF before 7.1 allow remote attackers to cause a denial of service (memory corruption and crash) via a crafted (1) Ubyte Size in a DataSubBlock structure o…
|
CWE-20
Improper Input Validation
|
CVE-2015-2790
|
2024-11-21 11:28 |
2015-03-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278524
|
- |
|
foxitsoftware
|
foxit_reader
|
Unquoted Windows search path vulnerability in the Foxit Cloud Safe Update Service in the Cloud plugin in Foxit Reader 6.1 through 7.0.6.1126 allows local users to gain privileges via a Trojan horse p…
|
NVD-CWE-Other
|
CVE-2015-2789
|
2024-11-21 11:28 |
2015-03-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278525
|
- |
|
php
apple
redhat
opensuse
|
php
mac_os_x
enterprise_linux_desktop
enterprise_linux_workstation
enterprise_linux_server
enterprise_linux_hpc_node
enterprise_linux_server_eus
enterprise_linux_hpc_node_eus
…
|
Use-after-free vulnerability in the process_nested_data function in ext/standard/var_unserializer.re in PHP before 5.4.39, 5.5.x before 5.5.23, and 5.6.x before 5.6.7 allows remote attackers to execu…
|
NVD-CWE-Other
|
CVE-2015-2787
|
2024-11-21 11:28 |
2015-03-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278526
|
- |
|
mybb
|
mybb
|
Unspecified vulnerability in MyBB (aka MyBulletinBoard) before 1.8.4 has unknown attack vectors related to "Group join request notifications sent to wrong group leaders."
|
NVD-CWE-noinfo
|
CVE-2015-2786
|
2024-11-21 11:28 |
2015-03-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278527
|
- |
|
gnome
|
byzanz
|
The GIF encoder in Byzanz allows remote attackers to cause a denial of service (out-of-bounds heap write and crash) or possibly execute arbitrary code via a crafted Byzanz debug data recording (Byzan…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-2785
|
2024-11-21 11:28 |
2015-03-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278528
|
- |
|
websense
|
v-series_appliances
|
SVM in Websense TRITON V-Series appliances before 8.0.0 allows attackers to read arbitrary files via unspecified vectors.
|
NVD-CWE-noinfo
|
CVE-2015-2773
|
2024-11-21 11:28 |
2015-03-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278529
|
- |
|
websense
|
v-series_appliances
|
SVM in Websense TRITON V-Series appliances before 8.0.0 allows attackers to upload arbitrary files via unspecified vectors.
|
NVD-CWE-noinfo
|
CVE-2015-2772
|
2024-11-21 11:28 |
2015-03-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278530
|
- |
|
websense
|
v-series_appliances
triton_ap_email
|
The Mail Server in Websense TRITON AP-EMAIL and V-Series appliances before 8.0.0 uses plaintext credentials, which allows remote attackers to obtain sensitive information via unspecified vectors.
|
CWE-200
Information Exposure
|
CVE-2015-2771
|
2024-11-21 11:28 |
2015-03-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
