|
265371
|
5.3 |
MEDIUM
Network
|
adobe
|
experience_manager
|
The Backup functionality in Adobe Experience Manager 5.6.1, 6.0, 6.1, and 6.2 allows attackers to obtain sensitive information via unspecified vectors.
|
CWE-200
Information Exposure
|
CVE-2016-4253
|
2024-11-21 11:51 |
2016-08-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265372
|
6.1 |
MEDIUM
Network
|
adobe
|
experience_manager
|
Cross-site scripting (XSS) vulnerability in Adobe Experience Manager 5.6.1, 6.0, 6.1, and 6.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2016-4170
|
2024-11-21 11:51 |
2016-08-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265373
|
5.3 |
MEDIUM
Network
|
adobe
|
experience_manager
|
Adobe Experience Manager 6.0, 6.1, and 6.2 allow attackers to obtain sensitive audit log event information via unspecified vectors.
|
CWE-200
Information Exposure
|
CVE-2016-4169
|
2024-11-21 11:51 |
2016-08-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265374
|
6.1 |
MEDIUM
Network
|
adobe
|
experience_manager
|
Cross-site scripting (XSS) vulnerability in Adobe Experience Manager 5.6.1, 6.0, and 6.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2016-4168
|
2024-11-21 11:51 |
2016-08-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265375
|
7.7 |
HIGH
Network
|
hp
|
release_control
|
HPE Release Control (RC) 9.13, 9.20, and 9.21 before 9.21.0005 p4 allows remote authenticated users to conduct server-side request forgery (SSRF) attacks, and consequently obtain sensitive informatio…
|
CWE-918
Server-Side Request Forgery (SSRF)
|
CVE-2016-4374
|
2024-11-21 11:51 |
2016-08-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265376
|
8.6 |
HIGH
Network
|
wordpress
debian
|
wordpress
debian_linux
|
WordPress before 4.5 does not consider octal and hexadecimal IP address formats when determining an intranet address, which allows remote attackers to bypass an intended SSRF protection mechanism via…
|
CWE-918
Server-Side Request Forgery (SSRF)
|
CVE-2016-4029
|
2024-11-21 11:51 |
2016-08-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265377
|
9.8 |
CRITICAL
Network
|
hp
|
operations_manager
|
The AdminUI in HPE Operations Manager (OM) before 9.21.130 on Linux, Unix, and Solaris allows remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apach…
|
CWE-284
Improper Access Control
|
CVE-2016-4373
|
2024-11-21 11:51 |
2016-08-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265378
|
6.2 |
MEDIUM
Local
|
cronic_project
debian
opensuse
|
cronic
debian_linux
leap
opensuse
|
cronic before 3 allows local users to write to arbitrary files via a symlink attack on a (1) cronic.out.$$, (2) cronic.err.$$, or (3) cronic.trace.$$ file in /tmp.
|
CWE-284
Improper Access Control
|
CVE-2016-3992
|
2024-11-21 11:51 |
2016-07-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265379
|
9.8 |
CRITICAL
Network
|
hp
|
intelligent_management_center_endpoint_admission_defense
intelligent_management_center_network_traffic_analyzer
intelligent_management_center_application_performance_manager
intelligent_mana…
|
HPE iMC PLAT before 7.2 E0403P04, iMC EAD before 7.2 E0405P05, iMC APM before 7.2 E0401P04, iMC NTA before 7.2 E0401P01, iMC BIMS before 7.2 E0402P02, and iMC UAM_TAM before 7.2 E0405P05 allow remote…
|
CWE-20
Improper Input Validation
|
CVE-2016-4372
|
2024-11-21 11:51 |
2016-07-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265380
|
8.8 |
HIGH
Network
|
fortinet
|
fortiweb
|
Cross-site request forgery (CSRF) vulnerability in Fortinet FortiWeb before 5.5.3 allows remote attackers to hijack the authentication of administrators for requests that change the password via unsp…
|
CWE-352
Origin Validation Error
|
CVE-2016-4066
|
2024-11-21 11:51 |
2016-07-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
