|
274931
|
- |
|
wt_directory_project
|
wt_directory
|
SQL injection vulnerability in the wt_directory extension before 1.4.2 for TYPO3 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors.
|
CWE-89
SQL Injection
|
CVE-2015-4609
|
2024-11-21 11:31 |
2015-06-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274932
|
- |
|
be_user_log_project
|
be_user_log
|
Cross-site scripting (XSS) vulnerability in the BE User Log (beko_beuserlog) extension 1.1.1 and earlier for TYPO3 allows remote authenticated users to inject arbitrary web script or HTML via unspeci…
|
CWE-79
Cross-site Scripting
|
CVE-2015-4608
|
2024-11-21 11:31 |
2015-06-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274933
|
- |
|
frontend_user_upload_project
|
frontend_user_upload
|
Unrestricted file upload vulnerability in the Frontend User Upload (feupload) extension 0.5.0 and earlier for TYPO3 allows remote attackers to execute arbitrary code by uploading a file with an execu…
|
NVD-CWE-Other
|
CVE-2015-4607
|
2024-11-21 11:31 |
2015-06-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274934
|
- |
|
job_fair_project
|
job_fair
|
Unrestricted file upload vulnerability in the Job Fair (jobfair) extension before 1.0.1 for TYPO3, when using Apache with mod_mime, allows remote attackers to execute arbitrary code by uploading a fi…
|
NVD-CWE-Other
|
CVE-2015-4606
|
2024-11-21 11:31 |
2015-06-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274935
|
- |
|
mcafee
|
epolicy_orchestrator
|
Cross-site scripting (XSS) vulnerability in the product deployment feature in the Java core web services in Intel McAfee ePolicy Orchestrator (ePO) before 5.1.2 allows remote attackers to inject arbi…
|
CWE-79
Cross-site Scripting
|
CVE-2015-4559
|
2024-11-21 11:31 |
2015-06-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274936
|
- |
|
libmspack_project
|
libmspack
|
Off-by-one error in the READ_ENCINT macro in chmd.c in libmspack before 0.5 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a cr…
|
CWE-189
Numeric Errors
|
CVE-2015-4472
|
2024-11-21 11:31 |
2015-06-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274937
|
- |
|
libmspack_project
|
libmspack
|
Off-by-one error in the lzxd_decompress function in lzxd.c in libmspack before 0.5 allows remote attackers to cause a denial of service (buffer under-read and application crash) via a crafted CAB arc…
|
CWE-189
Numeric Errors
|
CVE-2015-4471
|
2024-11-21 11:31 |
2015-06-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274938
|
- |
|
libmspack_project
|
libmspack
|
Off-by-one error in the inflate function in mszipd.c in libmspack before 0.5 allows remote attackers to cause a denial of service (buffer over-read and application crash) via a crafted CAB archive.
|
CWE-189
Numeric Errors
|
CVE-2015-4470
|
2024-11-21 11:31 |
2015-06-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274939
|
- |
|
libmspack_project
|
libmspack
|
The chmd_read_headers function in chmd.c in libmspack before 0.5 does not validate name lengths, which allows remote attackers to cause a denial of service (buffer over-read and application crash) vi…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-4469
|
2024-11-21 11:31 |
2015-06-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274940
|
- |
|
libmspack_project
|
libmspack
|
Multiple integer overflows in the search_chunk function in chmd.c in libmspack before 0.5 allow remote attackers to cause a denial of service (buffer over-read and application crash) via a crafted CH…
|
CWE-189
Numeric Errors
|
CVE-2015-4468
|
2024-11-21 11:31 |
2015-06-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
