|
272651
|
- |
|
catbot_project
|
catbot
|
SQL injection vulnerability in index.php in CatBot 0.4.2 allows remote attackers to execute arbitrary SQL commands via the lastcatbot parameter.
|
CWE-89
SQL Injection
|
CVE-2015-1367
|
2024-11-21 11:25 |
2015-01-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272652
|
- |
|
pixabay_images_project
|
pixabay_images
|
Cross-site scripting (XSS) vulnerability in pixabay-images.php in the Pixabay Images plugin before 2.4 for WordPress allows remote attackers to inject arbitrary web script or HTML via the image_user …
|
CWE-79
Cross-site Scripting
|
CVE-2015-1366
|
2024-11-21 11:25 |
2015-01-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272653
|
- |
|
pixabay_images_project
|
pixabay_images
|
Directory traversal vulnerability in pixabay-images.php in the Pixabay Images plugin before 2.4 for WordPress allows remote attackers to write to arbitrary files via a .. (dot dot) in the q parameter.
|
CWE-22
Path Traversal
|
CVE-2015-1365
|
2024-11-21 11:25 |
2015-01-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272654
|
- |
|
freereprintables
|
articlefr
|
SQL injection vulnerability in the getProfile function in system/profile.functions.php in Free Reprintables ArticleFR 3.0.5 allows remote attackers to execute arbitrary SQL commands via the username …
|
CWE-89
SQL Injection
|
CVE-2015-1364
|
2024-11-21 11:25 |
2015-01-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272655
|
- |
|
freereprintables
|
articlefr
|
Cross-site scripting (XSS) vulnerability in Free Reprintables ArticleFR 3.0.5 allows remote attackers to inject arbitrary web script or HTML via the q parameter to search/v/.
|
CWE-79
Cross-site Scripting
|
CVE-2015-1363
|
2024-11-21 11:25 |
2015-01-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272656
|
- |
|
two_pilots
|
exif_pilot
|
Buffer overflow in the Customize 35mm tab in Two Pilots Exif Pilot 4.7.2 allows remote attackers to execute arbitrary code via a long string in the maker element in an XML file.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-1362
|
2024-11-21 11:25 |
2015-01-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272657
|
- |
|
google
|
chrome
|
platform/image-decoders/ImageFrame.h in Blink, as used in Google Chrome before 40.0.2214.91, does not initialize a variable that is used in calls to the Skia SkBitmap::setAlphaType function, which mi…
|
CWE-17
Code
|
CVE-2015-1361
|
2024-11-21 11:25 |
2015-01-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272658
|
- |
|
google
|
chrome
|
Skia, as used in Google Chrome before 40.0.2214.91, allows remote attackers to cause a denial of service (buffer over-read) or possibly have unspecified other impact via crafted data that is improper…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-1360
|
2024-11-21 11:25 |
2015-01-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272659
|
- |
|
google
|
chrome
|
Multiple off-by-one errors in fpdfapi/fpdf_font/font_int.h in PDFium, as used in Google Chrome before 40.0.2214.91, allow remote attackers to cause a denial of service (buffer overflow) or possibly h…
|
CWE-189
Numeric Errors
|
CVE-2015-1359
|
2024-11-21 11:25 |
2015-01-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272660
|
- |
|
kde
|
plasma-workspace
kde-workspace
|
kde-workspace 4.2.0 and plasma-workspace before 5.1.95 allows remote attackers to obtain input events, and consequently obtain passwords, by leveraging access to the X server when the screen is locke…
|
CWE-200
Information Exposure
|
CVE-2015-1308
|
2024-11-21 11:25 |
2015-01-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
