|
268831
|
5.4 |
MEDIUM
Network
|
humhub
|
humhub
|
Cross-site scripting (XSS) vulnerability in HumHub 0.20.0-beta.1 through 0.20.1 and 1.0.0-beta before 1.0.0-beta.3 allows remote authenticated users to inject arbitrary web script or HTML via unspeci…
|
CWE-79
Cross-site Scripting
|
CVE-2016-1229
|
2024-11-21 11:45 |
2016-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268832
|
6.1 |
MEDIUM
Network
|
kobe-beauty
|
php-contact-form
|
Cross-site scripting (XSS) vulnerability in Kobe Beauty php-contact-form before 2016-05-18 allows remote attackers to inject arbitrary web script or HTML via a crafted URI.
|
CWE-79
Cross-site Scripting
|
CVE-2016-1222
|
2024-11-21 11:45 |
2016-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268833
|
2.7 |
LOW
Network
|
futomi
|
mp_form_mail_cgi
|
Directory traversal vulnerability in futomi MP Form Mail CGI Professional Edition 3.2.3 and earlier allows remote authenticated administrators to read arbitrary files via unspecified vectors.
|
CWE-22
Path Traversal
|
CVE-2016-1212
|
2024-11-21 11:45 |
2016-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268834
|
6.1 |
MEDIUM
Network
|
epoch
|
web_mailing_list
|
Cross-site scripting (XSS) vulnerability in Epoch Web Mailing List 0.31 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2016-1211
|
2024-11-21 11:45 |
2016-06-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268835
|
5.4 |
MEDIUM
Network
|
iodata
|
wn-g300r2_firmware
wn-g300r3_firmware
wn-g300r_firmware
|
Cross-site scripting (XSS) vulnerability on I-O DATA DEVICE WN-G300R devices with firmware 1.12 and earlier, WN-G300R2 devices with firmware 1.12 and earlier, and WN-G300R3 devices with firmware 1.01…
|
CWE-79
Cross-site Scripting
|
CVE-2016-1207
|
2024-11-21 11:45 |
2016-05-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268836
|
4.3 |
MEDIUM
Adjacent
|
iodata
|
wn-gdn\/r3_firmware
|
The WPS implementation on I-O DATA DEVICE WN-GDN/R3, WN-GDN/R3-C, WN-GDN/R3-S, and WN-GDN/R3-U devices does not limit PIN guesses, which allows remote attackers to obtain network access via a brute-f…
|
CWE-200
Information Exposure
|
CVE-2016-1206
|
2024-11-21 11:45 |
2016-05-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268837
|
9.8 |
CRITICAL
Network
|
ninjaforms
|
ninja_forms
|
The Ninja Forms plugin before 2.9.42.1 for WordPress allows remote attackers to conduct PHP object injection attacks via crafted serialized values in a POST request.
|
CWE-20
Improper Input Validation
|
CVE-2016-1209
|
2024-11-21 11:45 |
2016-05-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268838
|
7.5 |
HIGH
Network
|
apple
filemaker
|
mac_os_x
filemaker
|
The server in Apple FileMaker before 14.0.4 on OS X allows remote attackers to read PHP source code via unspecified vectors.
|
CWE-200
Information Exposure
|
CVE-2016-1208
|
2024-11-21 11:45 |
2016-05-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268839
|
9.8 |
CRITICAL
Network
|
adobe
|
acrobat
acrobat_dc
acrobat_reader_dc
reader
|
Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attacker…
|
CWE-284
Improper Access Control
|
CVE-2016-1117
|
2024-11-21 11:45 |
2016-05-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268840
|
9.8 |
CRITICAL
Network
|
adobe
|
acrobat
acrobat_dc
acrobat_reader_dc
reader
|
Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attacker…
|
CWE-200
Information Exposure
|
CVE-2016-1112
|
2024-11-21 11:45 |
2016-05-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
