|
268471
|
- |
|
securemoz
|
security_audit
|
The tweet_info function in class/__functions.php in the SecureMoz Security Audit plugin 1.0.5 and earlier for WordPress does not use an HTTPS session for downloading serialized data, which allows man…
|
CWE-20
Improper Input Validation
|
CVE-2015-6828
|
2024-11-21 11:35 |
2015-09-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268472
|
- |
|
asus
|
tm-1900
|
Stack-based buffer overflow in the ASUS TM-AC1900 router allows remote attackers to execute arbitrary code via crafted HTTP header values.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-6949
|
2024-11-21 11:35 |
2015-09-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268473
|
- |
|
corel
|
wordperfect
|
Heap-based buffer overflow in the Microsoft Word document conversion feature in Corel WordPerfect allows remote attackers to execute arbitrary code via a crafted document.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-6948
|
2024-11-21 11:35 |
2015-09-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268474
|
- |
|
microfocus
|
accurev
|
Multiple stack-based buffer overflows in the Reprise License Manager service in Borland AccuRev allow remote attackers to execute arbitrary code via the (1) akey or (2) actserver parameter to the act…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-6946
|
2024-11-21 11:35 |
2015-09-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268475
|
- |
|
jsp\/mysql_administrador_web_project
|
jsp\/mysql_administrador_web
|
Cross-site scripting (XSS) vulnerability in JSP/MySQL Administrador Web 1 allows remote attackers to inject arbitrary web script or HTML via the bd parameter to sys/sys/listaBD2.jsp.
|
CWE-79
Cross-site Scripting
|
CVE-2015-6945
|
2024-11-21 11:35 |
2015-09-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268476
|
- |
|
jsp\/mysql_administrador_web_project
|
jsp\/mysql_administrador_web
|
Cross-site request forgery (CSRF) vulnerability in JSP/MySQL Administrador Web 1 allows remote attackers to hijack the authentication of users for requests that execute arbitrary SQL commands via the…
|
CWE-352
Origin Validation Error
|
CVE-2015-6944
|
2024-11-21 11:35 |
2015-09-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268477
|
- |
|
s9y
|
serendipity
|
SQL injection vulnerability in the serendipity_checkCommentToken function in include/functions_comments.inc.php in Serendipity before 2.0.2, when "Use Tokens for Comment Moderation" is enabled, allow…
|
CWE-89
SQL Injection
|
CVE-2015-6943
|
2024-11-21 11:35 |
2015-09-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268478
|
- |
|
phpmyadmin
|
phpmyadmin
|
libraries/plugins/auth/AuthenticationCookie.class.php in phpMyAdmin 4.3.x before 4.3.13.2 and 4.4.x before 4.4.14.1 allows remote attackers to bypass a multiple-reCaptcha protection mechanism against…
|
CWE-200
Information Exposure
|
CVE-2015-6830
|
2024-11-21 11:35 |
2015-09-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268479
|
- |
|
zendesk
|
zendesk_feedback_tab
|
Cross-site scripting (XSS) vulnerability in the Zendesk Feedback Tab module 7.x-1.x before 7.x-1.1 for Drupal allows remote administrators with the "Configure Zendesk Feedback Tab" permission to inje…
|
CWE-79
Cross-site Scripting
|
CVE-2015-6921
|
2024-11-21 11:35 |
2015-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268480
|
- |
|
sourceafrica_project
|
sourceafrica
|
Cross-site scripting (XSS) vulnerability in js/window.php in the sourceAFRICA plugin 0.1.3 for WordPress allows remote attackers to inject arbitrary web script or HTML via the wpbase parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2015-6920
|
2024-11-21 11:35 |
2015-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
