|
270361
|
- |
|
xcloner
|
xcloner
|
Cross-site scripting (XSS) vulnerability in the XCloner plugin 3.1.2 for WordPress allows remote authenticated users to inject arbitrary web script or HTML via the excl_manual parameter in the xclone…
|
CWE-79
Cross-site Scripting
|
CVE-2015-4337
|
2024-11-21 11:30 |
2015-06-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270362
|
- |
|
xcloner
|
xcloner
|
cloner.functions.php in the XCloner plugin 3.1.2 for WordPress allows remote authenticated users to execute arbitrary commands via a file containing filenames with shell metacharacters, as demonstrat…
|
CWE-77
Command Injection
|
CVE-2015-4336
|
2024-11-21 11:30 |
2015-06-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270363
|
- |
|
cisco
|
prime_service_catalog
|
Cisco Cloud Portal in Cisco Prime Service Catalog 9.4.1_vortex on Cloud Portal appliances allows man-in-the-middle attackers to modify data via unspecified vectors, aka Bug ID CSCuh19683.
|
NVD-CWE-Other
|
CVE-2015-4190
|
2024-11-21 11:30 |
2015-06-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270364
|
- |
|
cisco
|
prime_collaboration
|
SQL injection vulnerability in the Manager interface in Cisco Prime Collaboration 10.5(1) allows remote attackers to execute arbitrary SQL commands via a crafted URL, aka Bug IDs CSCuu29910, CSCuu299…
|
CWE-89
SQL Injection
|
CVE-2015-4188
|
2024-11-21 11:30 |
2015-06-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270365
|
- |
|
cisco
|
virtualization_experience_client_6000_series_firmware
|
The diagnostics subsystem in the administrative web interface on Cisco Virtualization Experience (aka VXC) Client 6215 devices with firmware 11.2(27.4) allows local users to gain privileges for OS co…
|
CWE-78
OS Command
|
CVE-2015-4186
|
2024-11-21 11:30 |
2015-06-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270366
|
- |
|
cisco
|
unified_computing_system
|
Cisco UCS Central Software 1.2(1a) allows local users to gain privileges for OS command execution via a crafted CLI parameter, aka Bug ID CSCut32795.
|
CWE-78
OS Command
|
CVE-2015-4183
|
2024-11-21 11:30 |
2015-06-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270367
|
- |
|
chaos_tool_suite_project
|
ctools
|
Open redirect vulnerability in the Chaos tool suite (ctools) module before 6.x-1.12 and 7.x-1.x before 7.x-1.7 for Drupal allows remote attackers to redirect users to arbitrary web sites and conduct …
|
NVD-CWE-Other
|
CVE-2015-4398
|
2024-11-21 11:30 |
2015-06-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270368
|
- |
|
webform_project
|
webform
|
Cross-site scripting (XSS) vulnerability in the Webform module before 6.x-3.23, 7.x-3.x before 7.x-3.23, and 7.x-4.x before 7.x-4.5 for Drupal allows remote authenticated users with certain permissio…
|
CWE-79
Cross-site Scripting
|
CVE-2015-4374
|
2024-11-21 11:30 |
2015-06-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270369
|
- |
|
xen
|
xen
|
The compat_iret function in Xen 3.1 through 4.5 iterates the wrong way through a loop, which allows local 32-bit PV guest administrators to cause a denial of service (large loop and system hang) via …
|
CWE-399
Resource Management Errors
|
CVE-2015-4164
|
2024-11-21 11:30 |
2015-06-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270370
|
- |
|
xen
|
xen
|
GNTTABOP_swap_grant_ref in Xen 4.2 through 4.5 does not check the grant table operation version, which allows local guest domains to cause a denial of service (NULL pointer dereference) via a hyperca…
|
NVD-CWE-Other
|
CVE-2015-4163
|
2024-11-21 11:30 |
2015-06-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
