|
272231
|
- |
|
sap
|
businessobjects_edge
|
The Auditing service in SAP BusinessObjects Edge 4.0 allows remote attackers to obtain sensitive information by reading an audit event, aka SAP Note 2011395.
|
CWE-200
Information Exposure
|
CVE-2015-2076
|
2024-11-21 11:26 |
2015-02-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272232
|
- |
|
sap
|
businessobjects_edge
|
SAP BusinessObjects Edge 4.0 allows remote attackers to delete audit events from the auditee queue via a clearData CORBA operation, aka SAP Note 2011396.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-2075
|
2024-11-21 11:26 |
2015-02-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272233
|
- |
|
sap
|
hana
|
Multiple cross-site scripting (XSS) vulnerabilities in SAP HANA 73 (1.00.73.00.389160) and HANA Developer Edition 80 (1.00.80.00.391861) allow remote attackers to inject arbitrary web script or HTML …
|
CWE-79
Cross-site Scripting
|
CVE-2015-2072
|
2024-11-21 11:26 |
2015-02-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272234
|
- |
|
sympies
|
wordpress_survey_and_poll
|
SQL injection vulnerability in the ajax_survey function in settings.php in the WordPress Survey and Poll plugin 1.1.7 for Wordpress allows remote attackers to execute arbitrary SQL commands via the s…
|
CWE-89
SQL Injection
|
CVE-2015-2090
|
2024-11-21 11:26 |
2015-02-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272235
|
- |
|
crossslide_jquery_project
|
crossslide_jquery
|
Multiple cross-site request forgery (CSRF) vulnerabilities in the CrossSlide jQuery (crossslide-jquery-plugin-for-wordpress) plugin 2.0.5 for WordPress allow remote attackers to hijack the authentica…
|
CWE-352
Origin Validation Error
|
CVE-2015-2089
|
2024-11-21 11:26 |
2015-02-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272236
|
- |
|
term_queue_project
|
term_queue
|
Cross-site scripting (XSS) vulnerability in unspecified administration pages in the Term Queue module before 6.x-1.1 for Drupal allows remote attackers to inject arbitrary web script or HTML via unkn…
|
CWE-79
Cross-site Scripting
|
CVE-2015-2088
|
2024-11-21 11:26 |
2015-02-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272237
|
- |
|
avatar_uploader_project
|
avatar_uploader
|
Unrestricted file upload vulnerability in the Avatar Uploader module before 6.x-1.3 for Drupal allows remote authenticated users to execute arbitrary PHP code by uploading a file with a PHP extension…
|
NVD-CWE-Other
|
CVE-2015-2087
|
2024-11-21 11:26 |
2015-02-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272238
|
- |
|
panopoly_magic_project
|
panopoly_magic
|
Cross-site scripting (XSS) vulnerability in the live preview in the Panopoly Magic module before 7.x-1.17 for Drupal allows remote authenticated users to inject arbitrary web script or HTML via a pan…
|
CWE-79
Cross-site Scripting
|
CVE-2015-2086
|
2024-11-21 11:26 |
2015-02-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272239
|
- |
|
cybernetikz
|
easy_social_icons
|
Cross-site request forgery (CSRF) vulnerability in the Easy Social Icons plugin before 1.2.3 for WordPress allows remote attackers to hijack the authentication of administrators for requests that con…
|
CWE-352
Origin Validation Error
|
CVE-2015-2084
|
2024-11-21 11:26 |
2015-02-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272240
|
- |
|
ilch
|
cms
|
Cross-site request forgery (CSRF) vulnerability in Ilch CMS allows remote attackers to hijack the authentication of administrators for requests that add a value to a profile field via a profilefields…
|
CWE-352
Origin Validation Error
|
CVE-2015-2083
|
2024-11-21 11:26 |
2015-02-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
