|
267451
|
- |
|
owncloud
|
owncloud
|
The files_external app in ownCloud Server before 7.0.9, 8.0.x before 8.0.7, and 8.1.x before 8.1.2 allows remote authenticated users to instantiate arbitrary classes and possibly execute arbitrary co…
|
CWE-20
Improper Input Validation
|
CVE-2015-7699
|
2024-11-21 11:37 |
2015-10-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267452
|
- |
|
colorbox_project
|
colorbox
|
The Colorbox module 7.x-2.x before 7.x-2.10 for Drupal allows remote authenticated users with certain permissions to bypass intended access restrictions and "add unexpected content to a Colorbox" via…
|
CWE-284
Improper Access Control
|
CVE-2015-7881
|
2024-11-21 11:37 |
2015-10-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267453
|
- |
|
owncloud
|
smb
owncloud
|
icewind1991 SMB before 1.0.3 allows remote authenticated users to execute arbitrary SMB commands via shell metacharacters in the user argument in the (1) listShares function in Server.php or the (2) …
|
CWE-78
OS Command
|
CVE-2015-7698
|
2024-11-21 11:37 |
2015-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267454
|
- |
|
kentico
|
kentico_cms
|
Open redirect vulnerability in CMSPages/GetDocLink.ashx in Kentico CMS 8.2 through 8.2.41 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in th…
|
NVD-CWE-Other
|
CVE-2015-7823
|
2024-11-21 11:37 |
2015-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267455
|
- |
|
kentico
|
kentico_cms
|
Multiple cross-site scripting (XSS) vulnerabilities in Kentico CMS 8.2 allow remote attackers to inject arbitrary web script or HTML via a (1) parameter name to CMSModules/AdminControls/Pages/UIPage.…
|
CWE-79
Cross-site Scripting
|
CVE-2015-7822
|
2024-11-21 11:37 |
2015-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267456
|
- |
|
drupal_7_driver_for_sql_server_and_sql_azure_project
|
drupal_7_driver_for_sql_server_and_sql_azure
|
The escapeLike function in sqlsrv/database.inc in the Drupal 7 driver for SQL Server and SQL Azure 7.x-1.x before 7.x-1.4 does not properly escape certain characters, which allows remote attackers to…
|
CWE-89
SQL Injection
|
CVE-2015-7876
|
2024-11-21 11:37 |
2015-10-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267457
|
- |
|
accelerite
|
radia_client_automation
|
The default configuration of Persistent Accelerite Radia Client Automation (formerly HP Client Automation) 7.9 through 9.1 before 2015-02-19 enables a remote Notify capability without the Extended No…
|
CWE-254
7PK - Security Features
|
CVE-2015-7863
|
2024-11-21 11:37 |
2015-10-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267458
|
- |
|
accelerite
|
radia_client_automation
|
Persistent Accelerite Radia Client Automation (formerly HP Client Automation) 7.9 through 9.1 before 2015-02-19 improperly implements the Role Based Access Control feature, which might allow remote a…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-7862
|
2024-11-21 11:37 |
2015-10-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267459
|
- |
|
accelerite
|
radia_client_automation
|
Persistent Accelerite Radia Client Automation (formerly HP Client Automation), possibly before 9.1, allows remote attackers to execute arbitrary code by sending unspecified commands in an environment…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-7861
|
2024-11-21 11:37 |
2015-10-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267460
|
- |
|
accelerite
|
radia_client_automation
|
Stack-based buffer overflow in the agent in Persistent Accelerite Radia Client Automation (formerly HP Client Automation), possibly before 9.1, allows remote attackers to execute arbitrary code by se…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-7860
|
2024-11-21 11:37 |
2015-10-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
