|
270081
|
- |
|
alcatel-lucent
|
cellpipe_7130_rg_5ae.m2013_hol_firmware
|
Cross-site request forgery (CSRF) vulnerability in Alcatel-Lucent CellPipe 7130 RG 5Ae.M2013 HOL with firmware 1.0.0.20h.HOL allows remote attackers to hijack the authentication of administrators for…
|
CWE-352
Origin Validation Error
|
CVE-2015-4586
|
2024-11-21 11:31 |
2015-06-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270082
|
- |
|
dream-multimedia-tv
|
dreambox_dm500-s_firmware
|
Cross-site scripting (XSS) vulnerability in the DreamBox DM500-S allows remote attackers to inject arbitrary web script or HTML via the mode parameter to /body.
|
CWE-79
Cross-site Scripting
|
CVE-2015-4714
|
2024-11-21 11:31 |
2015-06-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270083
|
- |
|
apphp
|
hotel_site
|
SQL injection vulnerability in ApPHP Hotel Site 3.x.x allows remote editors to execute arbitrary SQL commands via the pid parameter to index.php.
|
CWE-89
SQL Injection
|
CVE-2015-4713
|
2024-11-21 11:31 |
2015-06-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270084
|
- |
|
arduino_json_project
|
arduino_json
|
The extractFrom function in Internals/QuotedString.cpp in Arduino JSON before 4.5 allows remote attackers to cause a denial of service (crash) via a JSON string with a \ (backslash) followed by a ter…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-4590
|
2024-11-21 11:31 |
2015-06-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270085
|
- |
|
airties
|
rt-210_firmware
|
Multiple cross-site scripting (XSS) vulnerabilities in the web interface in Airties RT-210 allow remote attackers to inject arbitrary web script or HTML via the (1) ddns_domainame or (2) ddns_account…
|
CWE-79
Cross-site Scripting
|
CVE-2015-4679
|
2024-11-21 11:31 |
2015-06-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270086
|
- |
|
persian_car_cms_project
|
persian_car_cms
|
SQL injection vulnerability in Persian Car CMS 1.0 allows remote attackers to execute arbitrary SQL commands via the cat_id parameter to the default URI.
|
CWE-89
SQL Injection
|
CVE-2015-4678
|
2024-11-21 11:31 |
2015-06-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270087
|
- |
|
fiverrscript
|
fiverrscript
|
Cross-site request forgery (CSRF) vulnerability in FiverrScript (aka Fiverr Script) 7.2 allows remote attackers to hijack the authentication of administrators for requests that create a new admin via…
|
CWE-352
Origin Validation Error
|
CVE-2015-4677
|
2024-11-21 11:31 |
2015-06-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270088
|
- |
|
aftab
|
tickfa
|
SQL injection vulnerability in ticket.php in TickFa 1.x allows remote authenticated users to execute arbitrary SQL commands via the tid parameter in a read action.
|
CWE-89
SQL Injection
|
CVE-2015-4676
|
2024-11-21 11:31 |
2015-06-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270089
|
- |
|
tinysrp_project
|
tinysrp
|
Buffer overflow in the Tiny SRP library (aka TinySRP) allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted size value for the username field.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-4675
|
2024-11-21 11:31 |
2015-06-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270090
|
- |
|
swiftkey
|
swiftkey_sdk
|
Directory traversal vulnerability in the SwiftKey language-pack update implementation on Samsung Galaxy S4, S4 Mini, S5, and S6 devices allows remote web servers to write to arbitrary files, and cons…
|
CWE-22
Path Traversal
|
CVE-2015-4641
|
2024-11-21 11:31 |
2015-06-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
