|
274211
|
- |
|
igreks
|
milkystep_professional_oem
milkystep_light
milkystep_professional
|
Igreks MilkyStep Light 0.94 and earlier and Professional 1.82 and earlier allows remote attackers to bypass intended access restrictions and read files via unspecified vectors, a different vulnerabil…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-2953
|
2024-11-21 11:28 |
2015-06-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274212
|
- |
|
igreks
|
milkystep_professional_oem
milkystep_light
milkystep_professional
|
The user-information management functionality in Igreks MilkyStep Light 0.94 and earlier and Professional 1.82 and earlier allows remote authenticated users to bypass intended access restrictions and…
|
CWE-284
Improper Access Control
|
CVE-2015-2952
|
2024-11-21 11:28 |
2015-06-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274213
|
- |
|
cgi_rescue
|
blobee
|
CGI RESCUE BloBee 1.20 and earlier allows remote attackers to write to arbitrary files, and consequently execute arbitrary code, via unspecified vectors.
|
CWE-20
Improper Input Validation
|
CVE-2015-2962
|
2024-11-21 11:28 |
2015-06-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274214
|
- |
|
igreks
|
milkystep_professional_oem
milkystep_light
milkystep_professional
|
Cross-site scripting (XSS) vulnerability in Igreks MilkyStep Light 0.94 and earlier and Professional 1.82 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified ve…
|
CWE-79
Cross-site Scripting
|
CVE-2015-2957
|
2024-11-21 11:28 |
2015-06-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274215
|
- |
|
igreks
|
milkystep_professional_oem
milkystep_light
milkystep_professional
|
SQL injection vulnerability in Igreks MilkyStep Light 0.94 and earlier and Professional 1.82 and earlier allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
|
CWE-89
SQL Injection
|
CVE-2015-2956
|
2024-11-21 11:28 |
2015-06-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274216
|
- |
|
igreks
|
milkystep_professional_oem
milkystep_light
milkystep_professional
|
Igreks MilkyStep Light 0.94 and earlier and Professional 1.82 and earlier allows remote attackers to execute arbitrary OS commands via unspecified vectors.
|
CWE-78
OS Command
|
CVE-2015-2955
|
2024-11-21 11:28 |
2015-06-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274217
|
- |
|
igreks
|
milkystep_professional_oem
milkystep_light
milkystep_professional
|
Cross-site request forgery (CSRF) vulnerability in Igreks MilkyStep Light 0.94 and earlier and Professional 1.82 and earlier allows remote attackers to hijack the authentication of arbitrary users.
|
CWE-352
Origin Validation Error
|
CVE-2015-2954
|
2024-11-21 11:28 |
2015-06-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274218
|
- |
|
adobe
google
|
flash_player
air
android
air_sdk
air_sdk_\&_compiler
|
Adobe Flash Player before 13.0.0.292 and 14.x through 18.x before 18.0.0.160 on Windows and OS X and before 11.2.202.466 on Linux, Adobe AIR before 18.0.0.144 on Windows and before 18.0.0.143 on OS X…
|
CWE-200
Information Exposure
|
CVE-2015-3108
|
2024-11-21 11:28 |
2015-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274219
|
- |
|
adobe
google
opensuse
|
air
android
evergreen
flash_player
air_sdk
air_sdk_\&_compiler
|
Use-after-free vulnerability in Adobe Flash Player before 13.0.0.292 and 14.x through 18.x before 18.0.0.160 on Windows and OS X and before 11.2.202.466 on Linux, Adobe AIR before 18.0.0.144 on Windo…
|
NVD-CWE-Other
CWE-416
Use After Free
|
CVE-2015-3107
|
2024-11-21 11:28 |
2015-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274220
|
- |
|
adobe
google
|
air
air_sdk
air_sdk_\&_compiler
flash_player
android
|
Use-after-free vulnerability in Adobe Flash Player before 13.0.0.292 and 14.x through 18.x before 18.0.0.160 on Windows and OS X and before 11.2.202.466 on Linux, Adobe AIR before 18.0.0.144 on Windo…
|
NVD-CWE-Other
|
CVE-2015-3106
|
2024-11-21 11:28 |
2015-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
