|
276221
|
- |
|
symantec
|
web_gateway
|
Multiple SQL injection vulnerabilities in a PHP script in the management console on Symantec Web Gateway (SWG) appliances with software before 5.2.2 DB 5.0.0.1277 allow remote authenticated users to …
|
CWE-89
SQL Injection
|
CVE-2015-6548
|
2024-11-21 11:35 |
2015-09-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276222
|
- |
|
symantec
|
web_gateway
|
The management console on Symantec Web Gateway (SWG) appliances with software before 5.2.2 DB 5.0.0.1277 allows remote authenticated users to execute arbitrary commands at boot time via unspecified v…
|
CWE-77
Command Injection
|
CVE-2015-6547
|
2024-11-21 11:35 |
2015-09-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276223
|
- |
|
vmware
|
vcenter_server
|
VMware vCenter Server 5.5 before u3 and 6.0 before u1 does not verify X.509 certificates from TLS LDAP servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive informat…
|
CWE-310
Cryptographic Issues
|
CVE-2015-6932
|
2024-11-21 11:35 |
2015-09-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276224
|
- |
|
3s-smart
|
codesys_gateway_server
|
Multiple heap-based buffer overflows in 3S-Smart CODESYS Gateway Server before 2.3.9.34 allow remote attackers to execute arbitrary code via opcode (1) 0x3ef or (2) 0x3f0.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-6460
|
2024-11-21 11:35 |
2015-09-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276225
|
- |
|
ge
|
mds_pulsenet
|
Absolute path traversal vulnerability in the download feature in FileDownloadServlet in GE Digital Energy MDS PulseNET and MDS PulseNET Enterprise before 3.1.5 allows remote attackers to read or dele…
|
CWE-22
Path Traversal
|
CVE-2015-6459
|
2024-11-21 11:35 |
2015-09-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276226
|
- |
|
ge
|
mds_pulsenet
|
GE Digital Energy MDS PulseNET and MDS PulseNET Enterprise before 3.1.5 have hardcoded credentials for a support account, which allows remote attackers to obtain administrative access, and consequent…
|
NVD-CWE-Other
|
CVE-2015-6456
|
2024-11-21 11:35 |
2015-09-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276227
|
- |
|
joomla
|
joomla\!
|
Cross-site scripting (XSS) vulnerability in the login module in Joomla! 3.4.x before 3.4.4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2015-6939
|
2024-11-21 11:35 |
2015-09-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276228
|
- |
|
citrix
|
netscaler_gateway_firmware
netscaler_application_delivery_controller_firmware
|
Cross-site scripting (XSS) vulnerability in the Administrative Web Interface in Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway before 10.1 Build 132.8, 10.5 before Build…
|
CWE-79
Cross-site Scripting
|
CVE-2015-6672
|
2024-11-21 11:35 |
2015-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276229
|
- |
|
teiko
|
farol
|
SQL injection vulnerability in the web application in Farol allows remote attackers to execute arbitrary SQL commands via the email parameter to tkmonitor/estrutura/login/Login.actions.php.
|
CWE-89
SQL Injection
|
CVE-2015-6962
|
2024-11-21 11:35 |
2015-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276230
|
- |
|
igniterealtime
|
openfire
|
Multiple cross-site request forgery (CSRF) vulnerabilities in Ignite Realtime Openfire 3.10.2 allow remote attackers to hijack the authentication of administrators for requests that (1) change a pass…
|
CWE-352
Origin Validation Error
|
CVE-2015-6973
|
2024-11-21 11:35 |
2015-09-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
