|
266061
|
9.8 |
CRITICAL
Network
|
adobe
|
acrobat
acrobat_dc
acrobat_reader_dc
reader
|
Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attacker…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2016-1037
|
2024-11-21 11:45 |
2016-05-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266062
|
8.8 |
HIGH
Network
|
lockon
|
ec-cube
|
Cross-site request forgery (CSRF) vulnerability in LOCKON EC-CUBE 3.0.0 through 3.0.9 allows remote attackers to hijack the authentication of administrators.
|
CWE-352
Origin Validation Error
|
CVE-2016-1201
|
2024-11-21 11:45 |
2016-04-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266063
|
6.3 |
MEDIUM
Network
|
lockon
|
ec-cube
|
The management screen in LOCKON EC-CUBE 3.0.7 through 3.0.9 allows remote authenticated users to bypass intended access restrictions via unspecified vectors, a different vulnerability than CVE-2016-1…
|
CWE-284
Improper Access Control
|
CVE-2016-1200
|
2024-11-21 11:45 |
2016-04-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266064
|
5.3 |
MEDIUM
Network
|
lockon
|
ec-cube
|
The login page in the management screen in LOCKON EC-CUBE 3.0.0 through 3.0.9 allows remote attackers to bypass intended IP address restrictions via unspecified vectors, a different vulnerability tha…
|
CWE-200
Information Exposure
|
CVE-2016-1199
|
2024-11-21 11:45 |
2016-04-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266065
|
8.8 |
HIGH
Network
|
adobe
|
acrobat
acrobat_dc
acrobat_reader
acrobat_reader_dc
|
Double free vulnerability in Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC Classic before 15.006.30119, and Acrobat and Acrobat Reader DC Continuous before 15.010.20056 on Wi…
|
NVD-CWE-Other
|
CVE-2016-1111
|
2024-11-21 11:45 |
2016-04-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266066
|
6.1 |
MEDIUM
Network
|
shiro8
|
category_freearea_addition
itemdetail_freearea_addition
|
Cross-site scripting (XSS) vulnerability in the shiro8 (1) category_freearea_ addition_plugin plugin 1.0 and (2) itemdetail_freearea_ addition_plugin plugin 1.0 for EC-CUBE allows remote attackers to…
|
CWE-79
Cross-site Scripting
|
CVE-2016-1205
|
2024-11-21 11:45 |
2016-04-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266067
|
7.8 |
HIGH
Local
|
atom
|
electron
|
Untrusted search path vulnerability in Atom Electron before 0.33.5 allows local users to gain privileges via a Trojan horse Node.js module in a parent directory of a directory named on a require line.
|
NVD-CWE-Other
|
CVE-2016-1202
|
2024-11-21 11:45 |
2016-04-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266068
|
2.5 |
LOW
Local
|
cybozu
|
kintone
|
The Cybozu kintone mobile application 1.x before 1.0.6 for Android allows attackers to discover an authentication token via a crafted application.
|
CWE-200
Information Exposure
|
CVE-2016-1185
|
2024-11-21 11:45 |
2016-04-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266069
|
6.1 |
MEDIUM
Network
|
adobe
|
analytics_appmeasurement_for_flash_library
|
Cross-site scripting (XSS) vulnerability in Adobe Analytics AppMeasurement for Flash Library before 4.0.1, when debugTracking is enabled, allows remote attackers to inject arbitrary web script or HTM…
|
CWE-79
Cross-site Scripting
|
CVE-2016-1036
|
2024-11-21 11:45 |
2016-04-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266070
|
7.5 |
HIGH
Network
|
adobe
|
robohelp
|
Adobe RoboHelp Server 9 before 9.0.1 mishandles SQL queries, which allows attackers to obtain sensitive information via unspecified vectors.
|
CWE-200
Information Exposure
|
CVE-2016-1035
|
2024-11-21 11:45 |
2016-04-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
