|
272221
|
- |
|
siemens
|
simatic_s7-300_cpu_firmware
simatic_s7-300_cpu
|
Siemens SIMATIC S7-300 CPU devices allow remote attackers to cause a denial of service (defect-mode transition) via crafted packets on (1) TCP port 102 or (2) Profibus.
|
CWE-20
Improper Input Validation
|
CVE-2015-2177
|
2024-11-21 11:26 |
2015-03-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272222
|
- |
|
wonderplugin
|
audio_player
|
Multiple SQL injection vulnerabilities in the WonderPlugin Audio Player plugin before 2.1 for WordPress allow (1) remote authenticated users to execute arbitrary SQL commands via the item[id] paramet…
|
CWE-89
SQL Injection
|
CVE-2015-2199
|
2024-11-21 11:26 |
2015-03-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272223
|
- |
|
beehive_forum
|
beehive_forum
|
Multiple cross-site scripting (XSS) vulnerabilities in edit_prefs.php in Beehive Forum 1.4.4 allow remote attackers to inject arbitrary web script or HTML via the (1) homepage_url, (2) pic_url, or (3…
|
CWE-79
Cross-site Scripting
|
CVE-2015-2198
|
2024-11-21 11:26 |
2015-03-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272224
|
- |
|
entity_api_project
|
entity_api
|
Cross-site scripting (XSS) vulnerability in the Entity API module before 7.x-1.6 for Drupal allows remote authenticated users to inject arbitrary web script or HTML via a field label in the Token API.
|
CWE-79
Cross-site Scripting
|
CVE-2015-2197
|
2024-11-21 11:26 |
2015-03-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272225
|
- |
|
web-dorado
|
spider_calendar
|
SQL injection vulnerability in Spider Event Calendar 1.4.9 for WordPress allows remote attackers to execute arbitrary SQL commands via the cat_id parameter in a spiderbigcalendar_month action to wp-a…
|
CWE-89
SQL Injection
|
CVE-2015-2196
|
2024-11-21 11:26 |
2015-03-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272226
|
- |
|
wp_media_cleaner_project
|
wp_media_cleaner
|
Multiple cross-site scripting (XSS) vulnerabilities in the WP Media Cleaner plugin 2.2.6 for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) view, (2) paged, or (3…
|
CWE-79
Cross-site Scripting
|
CVE-2015-2195
|
2024-11-21 11:26 |
2015-03-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272227
|
- |
|
digitalnature
|
fusion
|
Unrestricted file upload vulnerability in the fusion_options function in functions.php in the Fusion theme 3.1 for Wordpress allows remote authenticated users to execute arbitrary code by uploading a…
|
NVD-CWE-Other
|
CVE-2015-2194
|
2024-11-21 11:26 |
2015-03-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272228
|
- |
|
cosmoshop
|
cosmoshop
|
Cross-site scripting (XSS) vulnerability in the admin-login panel (admin/index.cgi) in Cosmoshop allows remote attackers to inject arbitrary web script or HTML via the username field (u_name paramete…
|
CWE-79
Cross-site Scripting
|
CVE-2015-2103
|
2024-11-21 11:26 |
2015-02-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272229
|
- |
|
clip-bucket
|
clipbucket
|
SQL injection vulnerability in view_item.php in ClipBucket 2.7 RC3 (2.7.0.4.v2929-rc3) allows remote attackers to execute arbitrary SQL commands via the item parameter.
|
CWE-89
SQL Injection
|
CVE-2015-2102
|
2024-11-21 11:26 |
2015-02-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272230
|
- |
|
impliedbydesign
|
navigate
|
Cross-site scripting (XSS) vulnerability in the Navigate bar in the Navigate module before 6.x-1.1 and 7.x-1.x before 7.x-1.1 for Drupal allows remote attackers to inject arbitrary web script or HTML…
|
CWE-79
Cross-site Scripting
|
CVE-2015-2101
|
2024-11-21 11:26 |
2015-02-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
