|
278311
|
- |
|
collne
|
welcart
|
Multiple cross-site scripting (XSS) vulnerabilities in the Welcart plugin before 1.4.18 for WordPress allow remote attackers to inject arbitrary web script or HTML via the usces_referer parameter to …
|
CWE-79
Cross-site Scripting
|
CVE-2015-2973
|
2024-11-21 11:28 |
2015-07-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278312
|
- |
|
ghisler
|
total_commander
|
The FileInfo plugin before 2.22 for Ghisler Total Commander allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via (1) a large Size value in the Archive M…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-2869
|
2024-11-21 11:28 |
2015-07-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278313
|
- |
|
canonical
apache
apple
|
ubuntu_linux
http_server
mac_os_x
xcode
mac_os_x_server
|
The ap_some_auth_required function in server/request.c in the Apache HTTP Server 2.4.x before 2.4.14 does not consider that a Require directive may be associated with an authorization setting rather …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-3185
|
2024-11-21 11:28 |
2015-07-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278314
|
- |
|
apache
|
http_server
|
The chunked transfer coding implementation in the Apache HTTP Server before 2.4.14 does not properly parse chunk headers, which allows remote attackers to conduct HTTP request smuggling attacks via a…
|
CWE-20
CWE-17
Improper Input Validation
Code
|
CVE-2015-3183
|
2024-11-21 11:28 |
2015-07-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278315
|
- |
|
kaseya
|
virtual_system_administrator
|
Open redirect vulnerability in Kaseya Virtual System Administrator (VSA) 7.x before 7.0.0.29, 8.x before 8.0.0.18, 9.0 before 9.0.0.14, and 9.1 before 9.1.0.4 allows remote attackers to redirect user…
|
NVD-CWE-Other
|
CVE-2015-2863
|
2024-11-21 11:28 |
2015-07-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278316
|
- |
|
kaseya
|
virtual_system_administrator
|
Directory traversal vulnerability in Kaseya Virtual System Administrator (VSA) 7.x before 7.0.0.29, 8.x before 8.0.0.18, 9.0 before 9.0.0.14, and 9.1 before 9.1.0.4 allows remote authenticated users …
|
CWE-22
Path Traversal
|
CVE-2015-2862
|
2024-11-21 11:28 |
2015-07-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278317
|
- |
|
sysphonic
|
thetis
|
Multiple SQL injection vulnerabilities in Sysphonic Thetis before 2.3.0 allow remote attackers to execute arbitrary SQL commands via unspecified vectors.
|
CWE-89
SQL Injection
|
CVE-2015-2972
|
2024-11-21 11:28 |
2015-07-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278318
|
- |
|
seeds
|
acmailer
|
Directory traversal vulnerability in Seeds acmailer before 3.8.18 and 3.9.x before 3.9.12 Beta allows remote authenticated users to delete arbitrary files via a crafted string.
|
CWE-22
Path Traversal
|
CVE-2015-2971
|
2024-11-21 11:28 |
2015-07-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278319
|
- |
|
redhat
|
jboss_enterprise_portal_platform
|
The Portlet Bridge for JavaServer Faces in Red Hat JBoss Portal 6.2.0, when used in portlets with the default resource serving for GenericPortlet, does not properly restrict access to restricted reso…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-3244
|
2024-11-21 11:28 |
2015-07-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278320
|
- |
|
adobe
|
acrobat
acrobat_dc
acrobat_reader
acrobat_reader_dc
|
Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, Acrobat and Acrobat Reader DC Classic before 2015.006.30060, and Acrobat and Acrobat Reader DC Continuous before 2015.008.20082 o…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-3095
|
2024-11-21 11:28 |
2015-07-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
