|
270671
|
- |
|
newstatpress_project
|
newstatpress
|
SQL injection vulnerability in includes/nsp_search.php in the NewStatPress plugin before 0.9.9 for WordPress allows remote authenticated users to execute arbitrary SQL commands via the where1 paramet…
|
CWE-89
SQL Injection
|
CVE-2015-4062
|
2024-11-21 11:30 |
2015-05-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270672
|
- |
|
coppermine-gallery
|
coppermine_photo_gallery
|
Open redirect vulnerability in mode.php in Coppermine Photo Gallery before 1.5.36 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the refere…
|
NVD-CWE-Other
|
CVE-2015-3922
|
2024-11-21 11:30 |
2015-05-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270673
|
- |
|
coppermine-gallery
|
coppermine_photo_gallery
|
Cross-site scripting (XSS) vulnerability in contact.php in Coppermine Photo Gallery before 1.5.36 allows remote authenticated users to inject arbitrary web script or HTML via the referer parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2015-3921
|
2024-11-21 11:30 |
2015-05-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270674
|
- |
|
wireshark
|
wireshark
|
The logcat_dump_text function in wiretap/logcat.c in the Android Logcat file parser in Wireshark 1.12.x before 1.12.5 does not properly handle a lack of \0 termination, which allows remote attackers …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-3906
|
2024-11-21 11:30 |
2015-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270675
|
- |
|
phpmyadmin
|
phpmyadmin
|
libraries/Config.class.php in phpMyAdmin 4.0.x before 4.0.10.10, 4.2.x before 4.2.13.3, 4.3.x before 4.3.13.1, and 4.4.x before 4.4.6.1 disables X.509 certificate verification for GitHub API calls ov…
|
CWE-310
Cryptographic Issues
|
CVE-2015-3903
|
2024-11-21 11:30 |
2015-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270676
|
- |
|
phpmyadmin
|
phpmyadmin
|
Multiple cross-site request forgery (CSRF) vulnerabilities in the setup process in phpMyAdmin 4.0.x before 4.0.10.10, 4.2.x before 4.2.13.3, 4.3.x before 4.3.13.1, and 4.4.x before 4.4.6.1 allow remo…
|
CWE-352
Origin Validation Error
|
CVE-2015-3902
|
2024-11-21 11:30 |
2015-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270677
|
- |
|
sap
|
afaria
|
Buffer overflow in the XComms process in SAP Afaria 7.00.6620.2 SP5 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted request, aka SAP Secu…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-4092
|
2024-11-21 11:30 |
2015-05-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270678
|
- |
|
sap
|
sap_netweaver_application_server_java
|
XML external entity (XXE) vulnerability in SAP NetWeaver AS Java 7.4 allows remote attackers to send TCP requests to intranet servers or possibly have unspecified other impact via an XML request to t…
|
NVD-CWE-Other
|
CVE-2015-4091
|
2024-11-21 11:30 |
2015-05-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270679
|
- |
|
feedwordpress_project
|
feedwordpress
|
SQL injection vulnerability in feedwordpresssyndicationpage.class.php in the FeedWordPress plugin before 2015.0514 for WordPress allows remote authenticated users to execute arbitrary SQL commands vi…
|
CWE-89
SQL Injection
|
CVE-2015-4018
|
2024-11-21 11:30 |
2015-05-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270680
|
- |
|
huawei
|
webui
e355s_mobile_wifi_firmware
|
Huawei E355s Mobile WiFi with firmware before 22.158.45.02.625 and WEBUI before 13.100.04.01.625 allows remote attackers to obtain sensitive configuration information by sniffing the network or sendi…
|
CWE-200
Information Exposure
|
CVE-2015-3912
|
2024-11-21 11:30 |
2015-05-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
