|
267131
|
5.5 |
MEDIUM
Local
|
google
|
android
|
The SecEmailComposer/EmailComposer application in the Samsung S6 Edge before the October 2015 MR uses weak permissions for the com.samsung.android.email.intent.action.QUICK_REPLY_BACKGROUND service a…
|
CWE-275
Permission Issues
|
CVE-2015-7889
|
2024-11-21 11:37 |
2017-12-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267132
|
9.8 |
CRITICAL
Network
|
easy2map
|
easy2map
|
Multiple directory traversal vulnerabilities in (1) includes/MapImportCSV2.php and (2) includes/MapImportCSV.php in the Easy2Map plugin before 1.3.0 for WordPress allow remote attackers to include an…
|
CWE-22
Path Traversal
|
CVE-2015-7669
|
2024-11-21 11:37 |
2017-12-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267133
|
6.1 |
MEDIUM
Network
|
easy2map
|
easy2map
|
Cross-site scripting (XSS) vulnerability in includes/MapPinImageSave.php in the Easy2Map plugin before 1.3.0 for WordPress allows remote attackers to inject arbitrary web script or HTML via the map_i…
|
CWE-79
Cross-site Scripting
|
CVE-2015-7668
|
2024-11-21 11:37 |
2017-12-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267134
|
6.1 |
MEDIUM
Network
|
web-mv
|
resads
|
Multiple cross-site scripting (XSS) vulnerabilities in (1) templates/admanagement/admanagement.php and (2) templates/adspot/adspot.php in the ResAds plugin before 1.0.2 for WordPress allow remote att…
|
CWE-79
Cross-site Scripting
|
CVE-2015-7667
|
2024-11-21 11:37 |
2017-12-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267135
|
6.1 |
MEDIUM
Network
|
codepeople
|
payment_form_for_paypal_pro
|
Multiple cross-site scripting (XSS) vulnerabilities in the (1) cp_updateMessageItem and (2) cp_deleteMessageItem functions in cp_ppp_admin_int_message_list.inc.php in the Payment Form for PayPal Pro …
|
CWE-79
Cross-site Scripting
|
CVE-2015-7666
|
2024-11-21 11:37 |
2017-12-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267136
|
5.4 |
MEDIUM
Network
|
taxonomy_find_project
|
taxonomy_find
|
Cross-site scripting (XSS) vulnerability in the Taxonomy Find module 6.x-2.x through 6.x-1.2 and 7.x-2.x through 7.x-1.0 in Drupal allows remote authenticated users with certain permissions to inject…
|
CWE-79
Cross-site Scripting
|
CVE-2015-7878
|
2024-11-21 11:37 |
2017-11-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267137
|
6.1 |
MEDIUM
Network
|
drupal
jquery_update_project
labjs_project
|
drupal
jquery_update
labjs
|
Open redirect vulnerability in the Overlay module in Drupal 7.x before 7.41, the jQuery Update module 7.x-2.x before 7.x-2.7 for Drupal, and the LABjs module 7.x-1.x before 7.x-1.8 allows remote atta…
|
CWE-601
Open Redirect
|
CVE-2015-7943
|
2024-11-21 11:37 |
2017-10-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267138
|
8.8 |
HIGH
Network
|
realtyna
|
realtyna_property_listing
|
Cross-site request forgery (CSRF) vulnerability in the Realtyna RPL (com_rpl) component before 8.9.5 for Joomla! allows remote attackers to hijack the authentication of administrators for requests th…
|
CWE-352
Origin Validation Error
|
CVE-2015-7715
|
2024-11-21 11:37 |
2017-10-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267139
|
7.2 |
HIGH
Network
|
realtyna
|
realtyna_property_listing
|
Multiple SQL injection vulnerabilities in the Realtyna RPL (com_rpl) component before 8.9.5 for Joomla! allow remote administrators to execute arbitrary SQL commands via the (1) id, (2) copy_field in…
|
CWE-89
SQL Injection
|
CVE-2015-7714
|
2024-11-21 11:37 |
2017-10-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267140
|
9.8 |
CRITICAL
Network
|
form_manager_project
|
form_manager
|
Eval injection vulnerability in the fm_saveHelperGatherItems function in ajax.php in the Form Manager plugin before 1.7.3 for WordPress allows remote attackers to execute arbitrary code via unspecifi…
|
CWE-77
Command Injection
|
CVE-2015-7806
|
2024-11-21 11:37 |
2017-10-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
