|
268181
|
7.5 |
HIGH
Network
|
cloudera
|
cloudera_manager
|
There is Sensitive Information in Cloudera Manager before 5.4.6 Diagnostic Support Bundles.
|
CWE-200
Information Exposure
|
CVE-2015-6495
|
2024-11-21 11:35 |
2019-11-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268182
|
6.1 |
MEDIUM
Network
|
edx
|
edx-platform
|
edx-platform before 2015-09-17 allows XSS via a team name.
|
CWE-79
Cross-site Scripting
|
CVE-2015-6960
|
2024-11-21 11:35 |
2019-07-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268183
|
8.8 |
HIGH
Network
|
moxa
|
softcms
|
Moxa SoftCMS 1.3 and prior is susceptible to a buffer overflow condition that may crash or allow remote code execution. Moxa released SoftCMS version 1.4 on June 1, 2015, to address the vulnerability.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-6458
|
2024-11-21 11:35 |
2019-03-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268184
|
8.8 |
HIGH
Network
|
moxa
|
softcms
|
Moxa SoftCMS 1.3 and prior is susceptible to a buffer overflow condition that may crash or allow remote code execution. Moxa released SoftCMS version 1.4 on June 1, 2015, to address the vulnerability.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-6457
|
2024-11-21 11:35 |
2019-03-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268185
|
5.4 |
MEDIUM
Network
|
schneider-electric
|
bmxnoc0401_firmware
bmxnoe0100_firmware
bmxnoe0110_firmware
bmxnoe0110h_firmware
bmxnor0200h_firmware
modicon_m340_bmxp342020_firmware
modicon_m340_bmxp342020h_firmware
modicon_m…
|
Reflected Cross-Site Scripting (nonpersistent) allows an attacker to craft a specific URL, which contains Java script that will be executed on the Schneider Electric Modicon BMXNOC0401, BMXNOE0100, B…
|
CWE-79
Cross-site Scripting
|
CVE-2015-6462
|
2024-11-21 11:35 |
2019-03-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268186
|
5.4 |
MEDIUM
Network
|
schneider-electric
|
bmxnoc0401_firmware
bmxnoe0100_firmware
bmxnoe0110_firmware
bmxnoe0110h_firmware
bmxnor0200h_firmware
modicon_m340_bmxp342020_firmware
modicon_m340_bmxp342020h_firmware
modicon_m…
|
Remote file inclusion allows an attacker to craft a specific URL referencing the Schneider Electric Modicon BMXNOC0401, BMXNOE0100, BMXNOE0110, BMXNOE0110H, BMXNOR0200H, BMXP342020, BMXP342020H, BMXP…
|
CWE-20
Improper Input Validation
|
CVE-2015-6461
|
2024-11-21 11:35 |
2019-03-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268187
|
5.9 |
MEDIUM
Network
|
atlassian
|
floodlight
|
Race condition in the LoadBalancer module in the Atlassian Floodlight Controller before 1.2 allows remote attackers to cause a denial of service (NULL pointer dereference and thread crash) via a stat…
|
CWE-362
CWE-476
Race Condition
NULL Pointer Dereference
|
CVE-2015-6569
|
2024-11-21 11:35 |
2018-02-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268188
|
6.1 |
MEDIUM
Network
|
combodo
|
itop
|
Cross-site scripting (XSS) vulnerability in application/dashboard.class.inc.php in Combodo iTop before 2.2.0-2459 allows remote attackers to inject arbitrary web script or HTML via a dashboard title.
|
CWE-79
Cross-site Scripting
|
CVE-2015-6544
|
2024-11-21 11:35 |
2018-02-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268189
|
7.5 |
HIGH
Network
|
oxid-esales
|
eshop
|
The OpenID Single Sign-On authentication functionality in OXID eShop before 4.5.0 allows remote attackers to impersonate users via the email address in a crafted authentication token.
|
CWE-287
Improper Authentication
|
CVE-2015-6926
|
2024-11-21 11:35 |
2018-01-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268190
|
6.1 |
MEDIUM
Network
|
puppet
|
puppet_enterprise
|
Cross-site scripting (XSS) vulnerability in the console in Puppet Enterprise before 2015.2.1 allows remote attackers to inject arbitrary web script or HTML via the string parameter, related to Login …
|
CWE-79
Cross-site Scripting
|
CVE-2015-6502
|
2024-11-21 11:35 |
2017-12-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
