|
276231
|
- |
|
canonical
info-zip
|
ubuntu_linux
unzip
|
Buffer overflow in the charset_to_intern function in unix/unix.c in Info-Zip UnZip 6.10b allows remote attackers to execute arbitrary code via a crafted string, as demonstrated by converting a string…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-1315
|
2024-11-21 11:25 |
2015-02-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276232
|
- |
|
piwigo
|
piwigo
|
SQL injection vulnerability in Piwigo before 2.7.4, when all filters are activated, allows remote authenticated users to execute arbitrary SQL commands via the filter_level parameter in a "Refresh ph…
|
CWE-89
SQL Injection
|
CVE-2015-1517
|
2024-11-21 11:25 |
2015-02-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276233
|
- |
|
image_metadata_cruncher_project
|
image_metadata_cruncher
|
Multiple cross-site request forgery (CSRF) vulnerabilities in the Image Metadata Cruncher plugin for WordPress allow remote attackers to hijack the authentication of administrators for requests that …
|
CWE-352
Origin Validation Error
|
CVE-2015-1614
|
2024-11-21 11:25 |
2015-02-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276234
|
- |
|
adminsystems_cms_project
|
adminsystems_cms
|
Unrestricted file upload vulnerability in asys/site/files.php in Adminsystems CMS before 4.0.2 allows remote authenticated users to execute arbitrary code by uploading a file with an executable exten…
|
CWE-20
Improper Input Validation
|
CVE-2015-1604
|
2024-11-21 11:25 |
2015-02-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276235
|
- |
|
adminsystems_cms_project
|
adminsystems_cms
|
Multiple cross-site scripting (XSS) vulnerabilities in Adminsystems CMS before 4.0.2 allow remote attackers to inject arbitrary web script or HTML via the (1) page parameter to index.php or (2) id pa…
|
CWE-79
Cross-site Scripting
|
CVE-2015-1603
|
2024-11-21 11:25 |
2015-02-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276236
|
- |
|
debian
sixapart
|
debian_linux
movable_type
|
Movable Type Pro, Open Source, and Advanced before 5.2.12 and Pro and Advanced 6.0.x before 6.0.7 does not properly use the Perl Storable::thaw function, which allows remote attackers to include and …
|
CWE-74
Injection
|
CVE-2015-1592
|
2024-11-21 11:25 |
2015-02-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276237
|
- |
|
maarch
|
letterbox
gec\/ged
|
Unrestricted file upload vulnerability in file_to_index.php in Maarch LetterBox 2.8 and earlier and GEC/GED 1.4 and earlier allows remote attackers to execute arbitrary PHP code by uploading a file w…
|
NVD-CWE-Other
|
CVE-2015-1587
|
2024-11-21 11:25 |
2015-02-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276238
|
- |
|
fatfreecrm
|
fat_free_crm
|
Fat Free CRM before 0.13.6 allows remote attackers to conduct cross-site request forgery (CSRF) attacks via a request without the authenticity_token, as demonstrated by a crafted HTML page that creat…
|
CWE-352
Origin Validation Error
|
CVE-2015-1585
|
2024-11-21 11:25 |
2015-02-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276239
|
- |
|
softsphere
|
defensewall_personal_firewall
|
The dwall.sys driver in SoftSphere DefenseWall Personal Firewall 3.24 allows local users to write data to arbitrary memory locations, and consequently gain privileges, via a crafted 0x00222000, 0x002…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-1515
|
2024-11-21 11:25 |
2015-02-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276240
|
- |
|
isc
|
bind
|
named in ISC BIND 9.7.0 through 9.9.6 before 9.9.6-P2 and 9.10.x before 9.10.1-P2, when DNSSEC validation and the managed-keys feature are enabled, allows remote attackers to cause a denial of servic…
|
CWE-399
Resource Management Errors
|
CVE-2015-1349
|
2024-11-21 11:25 |
2015-02-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
