|
266861
|
5.4 |
MEDIUM
Network
|
php-fusion
|
php-fusion
|
Cross-site scripting (XSS) vulnerability in PHP-Fusion 9.
|
CWE-79
Cross-site Scripting
|
CVE-2015-8375
|
2024-11-21 11:38 |
2017-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266862
|
5.9 |
MEDIUM
Network
|
unify
|
openstage_60_firmware
openscape_desk_phone_ip_55g_sip_firmware
openstage_15_firmware
openstage_20e_firmware
openstage_20_firmware
openstage_40_firmware
openscape_desk_phone_ip_35g_s…
|
OpenStage 60 and OpenScape Desk Phone IP 55G SIP V3, OpenStage 15, 20E, 20 and 40 and OpenScape Desk Phone IP 35G SIP V3, OpenScape Desk Phone IP 35G Eco SIP V3, OpenStage 60 and OpenScape Desk Phone…
|
CWE-200
Information Exposure
|
CVE-2015-8251
|
2024-11-21 11:38 |
2017-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266863
|
7.5 |
HIGH
Network
|
chef
|
chef
|
The knife bootstrap command in chef Infra client before version 15.4.45 leaks the validator.pem private RSA key to /var/log/messages.
|
CWE-200
Information Exposure
|
CVE-2015-8559
|
2024-11-21 11:38 |
2017-09-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266864
|
3.7 |
LOW
Network
|
huawei
|
p8_firmware
|
Huawei P8 before GRA-CL00C92B210, before GRA-L09C432B200, before GRA-TL00C01B210, and before GRA-UL00C00B210 allows remote attackers to obtain user equipment (aka UE) measurements of signal strengths.
|
CWE-200
Information Exposure
|
CVE-2015-8224
|
2024-11-21 11:38 |
2017-09-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266865
|
6.1 |
MEDIUM
Network
|
ultimatemember
|
ultimate_member
|
Cross-site scripting (XSS) vulnerability in the Ultimate Member WordPress plugin before 1.3.29 for WordPress allows remote attackers to inject arbitrary web script or HTML via the _refer parameter to…
|
CWE-79
Cross-site Scripting
|
CVE-2015-8354
|
2024-11-21 11:38 |
2017-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266866
|
6.1 |
MEDIUM
Network
|
role_scoper_project
|
role_scoper
|
Cross-site scripting (XSS) vulnerability in the Role Scoper plugin before 1.3.67 for WordPress allows remote attackers to inject arbitrary web script or HTML via the object_name parameter in a rs-obj…
|
CWE-79
Cross-site Scripting
|
CVE-2015-8353
|
2024-11-21 11:38 |
2017-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266867
|
9.0 |
CRITICAL
Network
|
gwolle_guestbook_project
|
gwolle_guestbook
|
PHP remote file inclusion vulnerability in the Gwolle Guestbook plugin before 1.5.4 for WordPress, when allow_url_include is enabled, allows remote authenticated users to execute arbitrary PHP code v…
|
CWE-94
Code Injection
|
CVE-2015-8351
|
2024-11-21 11:38 |
2017-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266868
|
6.1 |
MEDIUM
Network
|
inboundnow
|
call_to_action
|
Multiple cross-site scripting (XSS) vulnerabilities in the Calls to Action plugin before 2.5.1 for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) open-tab paramet…
|
CWE-79
Cross-site Scripting
|
CVE-2015-8350
|
2024-11-21 11:38 |
2017-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266869
|
6.1 |
MEDIUM
Network
|
gameconnect
|
sourcebans
|
Cross-site scripting (XSS) vulnerability in SourceBans before 2.0 pre-alpha allows remote attackers to inject arbitrary web script or HTML via the advSearch parameter to index.php.
|
CWE-79
Cross-site Scripting
|
CVE-2015-8349
|
2024-11-21 11:38 |
2017-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266870
|
5.9 |
MEDIUM
Network
|
lightdm_project
|
lightdm
|
Array index error in LightDM (aka Light Display Manager) 1.14.3, 1.16.x before 1.16.6 when the XDMCP server is enabled allows remote attackers to cause a denial of service (process crash) via an XDMC…
|
CWE-129
Improper Validation of Array Index
|
CVE-2015-8316
|
2024-11-21 11:38 |
2017-09-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
