|
269861
|
- |
|
limesurvey
|
limesurvey
|
SQL injection vulnerability in the insert function in application/controllers/admin/dataentry.php in LimeSurvey 2.06+ allows remote authenticated users to execute arbitrary SQL commands via the close…
|
CWE-89
SQL Injection
|
CVE-2015-5078
|
2024-11-21 11:32 |
2015-06-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269862
|
- |
|
sap
|
mobile_platform
|
XML external entity (XXE) vulnerability in SAP Mobile Platform 3 allows remote attackers to read arbitrary files or possibly have other unspecified impact via a crafted XML request, aka SAP Security …
|
NVD-CWE-Other
|
CVE-2015-5068
|
2024-11-21 11:32 |
2015-06-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269863
|
- |
|
sap
|
netweaver
|
The (1) Cross-System Tools and (2) Data Transfer Workbench in SAP NetWeaver have hardcoded credentials, which allows remote attackers to obtain access via unspecified vectors, aka SAP Security Notes …
|
CWE-255
Credentials Management
|
CVE-2015-5067
|
2024-11-21 11:32 |
2015-06-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269864
|
- |
|
metalgenix
|
genixcms
|
Multiple cross-site scripting (XSS) vulnerabilities in the MetalGenix GeniXCMS 0.0.3 allow remote attackers to inject arbitrary web script or HTML via the (1) content or (2) title field in an add act…
|
CWE-79
Cross-site Scripting
|
CVE-2015-5066
|
2024-11-21 11:32 |
2015-06-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269865
|
- |
|
intelligent-it
|
paypal_currency_converter_basic_for_woocommerce
|
Absolute path traversal vulnerability in proxy.php in the google currency lookup in the Paypal Currency Converter Basic For WooCommerce plugin before 1.4 for WordPress allows remote attackers to read…
|
CWE-22
Path Traversal
|
CVE-2015-5065
|
2024-11-21 11:32 |
2015-06-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269866
|
- |
|
mysql-lite-administrator_project
|
mysql-lite-administrator
|
Multiple cross-site scripting (XSS) vulnerabilities in MySql Lite Administrator (mysql-lite-administrator) beta-1 allow remote attackers to inject arbitrary web script or HTML via the table_name para…
|
CWE-79
Cross-site Scripting
|
CVE-2015-5064
|
2024-11-21 11:32 |
2015-06-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269867
|
- |
|
silverstripe
|
silverstripe
|
Multiple cross-site scripting (XSS) vulnerabilities in SilverStripe CMS & Framework 3.1.13 allow remote attackers to inject arbitrary web script or HTML via the (1) admin_username or (2) admin_passwo…
|
CWE-79
Cross-site Scripting
|
CVE-2015-5063
|
2024-11-21 11:32 |
2015-06-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269868
|
- |
|
silverstripe
|
silverstripe
|
Open redirect vulnerability in SilverStripe CMS & Framework 3.1.13 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the returnURL parameter t…
|
NVD-CWE-Other
|
CVE-2015-5062
|
2024-11-21 11:32 |
2015-06-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269869
|
- |
|
zohocorp
|
manageengine_assetexplorer
|
Cross-site scripting (XSS) vulnerability in Zoho ManageEngine AssetExplorer 6.1 service pack 6112 and earlier allows remote authenticated users with permissions to add new vendors to inject arbitrary…
|
CWE-79
Cross-site Scripting
|
CVE-2015-5061
|
2024-11-21 11:32 |
2015-06-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269870
|
9.8 |
CRITICAL
Network
|
pexip
|
pexip_infinity
|
The client API authentication mechanism in Pexip Infinity before 10 allows remote attackers to gain privileges via a crafted request.
|
CWE-269
Improper Privilege Management
|
CVE-2015-4719
|
2024-11-21 11:31 |
2020-09-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
