|
272251
|
- |
|
apptha
|
wordpress_video_gallery
|
SQL injection vulnerability in videogalleryrss.php in the Apptha WordPress Video Gallery (contus-video-gallery) plugin before 2.8 for WordPress allows remote attackers to execute arbitrary SQL comman…
|
CWE-89
SQL Injection
|
CVE-2015-2065
|
2024-11-21 11:26 |
2015-02-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272252
|
- |
|
dlguard
|
dlguard
|
Multiple cross-site scripting (XSS) vulnerabilities in DLGuard 5, 4.6, and 4.5 allow remote attackers to inject arbitrary web script or HTML via the (1) page, (2) c, or (3) redirect parameter to inde…
|
CWE-79
Cross-site Scripting
|
CVE-2015-2064
|
2024-11-21 11:26 |
2015-02-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272253
|
- |
|
openstack
|
image_registry_and_delivery_service_\(glance\)
|
OpenStack Image Registry and Delivery Service (Glance) 2014.2 through 2014.2.2 does not properly remove images, which allows remote authenticated users to cause a denial of service (disk consumption)…
|
CWE-399
Resource Management Errors
|
CVE-2015-1881
|
2024-11-21 11:26 |
2015-02-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272254
|
- |
|
zhone_technologies
|
gpon_2520_firmware
|
Zhone GPON 2520 with firmware R4.0.2.566b allows remote attackers to cause a denial of service via a long string in the oldpassword parameter.
|
CWE-20
Improper Input Validation
|
CVE-2015-2055
|
2024-11-21 11:26 |
2015-02-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272255
|
- |
|
sierra_wireless
|
sierra_wireless_aircard_763s
sierra_wireless_aircard_760s
sierra_wireless_aircard_762s
|
CRLF injection vulnerability in export.cfg in the web-based administrative console for Sierra Wireless AirCard 760S, 762S, and 763S allows remote attackers to inject arbitrary headers via CRLF sequen…
|
NVD-CWE-Other
|
CVE-2015-2054
|
2024-11-21 11:26 |
2015-02-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272256
|
- |
|
mcafee
|
mcafee_agent
|
The log viewer in McAfee Agent (MA) before 4.8.0 Patch 3 and 5.0.0, when the "Accept connections only from the ePO server" option is disabled, allows remote attackers to conduct clickjacking attacks …
|
CWE-20
Improper Input Validation
|
CVE-2015-2053
|
2024-11-21 11:26 |
2015-02-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272257
|
- |
|
dlink
|
dir-645_firmware
|
Stack-based buffer overflow in the DIR-645 Wired/Wireless Router Rev. Ax with firmware 1.04b12 and earlier allows remote attackers to execute arbitrary code via a long string in a GetDeviceSettings a…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-2052
|
2024-11-21 11:26 |
2015-02-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272258
|
- |
|
dlink
|
dap-1320_firmware
|
D-Link DAP-1320 Rev Ax with firmware before 1.21b05 allows attackers to execute arbitrary commands via unspecified vectors.
|
NVD-CWE-noinfo
|
CVE-2015-2050
|
2024-11-21 11:26 |
2015-02-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272259
|
- |
|
dlink
|
dcs-931l_firmware
|
Unrestricted file upload vulnerability in D-Link DCS-931L with firmware 1.04 and earlier allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension.
|
NVD-CWE-Other
|
CVE-2015-2049
|
2024-11-21 11:26 |
2015-02-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272260
|
- |
|
dlink
|
dcs-931l_firmware
|
Cross-site request forgery (CSRF) vulnerability in D-Link DCS-931L with firmware 1.04 and earlier allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.
|
CWE-352
Origin Validation Error
|
CVE-2015-2048
|
2024-11-21 11:26 |
2015-02-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
