|
272691
|
- |
|
dell
|
asset_manager
|
Multiple SQL injection vulnerabilities in Dell ScriptLogic Asset Manager (aka Quest Workspace Asset Manager) before 9.5 allow remote attackers to execute arbitrary SQL commands via unspecified vector…
|
CWE-89
SQL Injection
|
CVE-2015-1605
|
2024-11-21 11:25 |
2015-02-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272692
|
- |
|
e2fsprogs_project
debian
canonical
|
e2fsprogs
debian_linux
ubuntu_linux
|
Heap-based buffer overflow in closefs.c in the libext2fs library in e2fsprogs before 1.42.12 allows local users to execute arbitrary code by causing a crafted block group descriptor to be marked as d…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-1572
|
2024-11-21 11:25 |
2015-02-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272693
|
- |
|
archmage_project
|
archmage
|
Directory traversal vulnerability in arCHMage 0.2.4 allows remote attackers to write to arbitrary files via a .. (dot dot) in a CHM file.
|
CWE-22
Path Traversal
|
CVE-2015-1589
|
2024-11-21 11:25 |
2015-02-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272694
|
- |
|
puppetlabs
puppet
|
facter
|
Puppet Labs Facter 1.6.0 through 2.4.0 allows local users to obtains sensitive Amazon EC2 IAM instance metadata by reading a fact for an Amazon EC2 node.
|
CWE-200
Information Exposure
|
CVE-2015-1426
|
2024-11-21 11:25 |
2015-02-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272695
|
- |
|
canonical
info-zip
|
ubuntu_linux
unzip
|
Buffer overflow in the charset_to_intern function in unix/unix.c in Info-Zip UnZip 6.10b allows remote attackers to execute arbitrary code via a crafted string, as demonstrated by converting a string…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-1315
|
2024-11-21 11:25 |
2015-02-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272696
|
- |
|
piwigo
|
piwigo
|
SQL injection vulnerability in Piwigo before 2.7.4, when all filters are activated, allows remote authenticated users to execute arbitrary SQL commands via the filter_level parameter in a "Refresh ph…
|
CWE-89
SQL Injection
|
CVE-2015-1517
|
2024-11-21 11:25 |
2015-02-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272697
|
- |
|
image_metadata_cruncher_project
|
image_metadata_cruncher
|
Multiple cross-site request forgery (CSRF) vulnerabilities in the Image Metadata Cruncher plugin for WordPress allow remote attackers to hijack the authentication of administrators for requests that …
|
CWE-352
Origin Validation Error
|
CVE-2015-1614
|
2024-11-21 11:25 |
2015-02-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272698
|
- |
|
adminsystems_cms_project
|
adminsystems_cms
|
Unrestricted file upload vulnerability in asys/site/files.php in Adminsystems CMS before 4.0.2 allows remote authenticated users to execute arbitrary code by uploading a file with an executable exten…
|
CWE-20
Improper Input Validation
|
CVE-2015-1604
|
2024-11-21 11:25 |
2015-02-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272699
|
- |
|
adminsystems_cms_project
|
adminsystems_cms
|
Multiple cross-site scripting (XSS) vulnerabilities in Adminsystems CMS before 4.0.2 allow remote attackers to inject arbitrary web script or HTML via the (1) page parameter to index.php or (2) id pa…
|
CWE-79
Cross-site Scripting
|
CVE-2015-1603
|
2024-11-21 11:25 |
2015-02-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272700
|
- |
|
debian
sixapart
|
debian_linux
movable_type
|
Movable Type Pro, Open Source, and Advanced before 5.2.12 and Pro and Advanced 6.0.x before 6.0.7 does not properly use the Perl Storable::thaw function, which allows remote attackers to include and …
|
CWE-74
Injection
|
CVE-2015-1592
|
2024-11-21 11:25 |
2015-02-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
