|
271281
|
- |
|
sysphonic
|
thetis
|
Multiple SQL injection vulnerabilities in Sysphonic Thetis before 2.3.0 allow remote attackers to execute arbitrary SQL commands via unspecified vectors.
|
CWE-89
SQL Injection
|
CVE-2015-2972
|
2024-11-21 11:28 |
2015-07-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271282
|
- |
|
seeds
|
acmailer
|
Directory traversal vulnerability in Seeds acmailer before 3.8.18 and 3.9.x before 3.9.12 Beta allows remote authenticated users to delete arbitrary files via a crafted string.
|
CWE-22
Path Traversal
|
CVE-2015-2971
|
2024-11-21 11:28 |
2015-07-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271283
|
- |
|
redhat
|
jboss_enterprise_portal_platform
|
The Portlet Bridge for JavaServer Faces in Red Hat JBoss Portal 6.2.0, when used in portlets with the default resource serving for GenericPortlet, does not properly restrict access to restricted reso…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-3244
|
2024-11-21 11:28 |
2015-07-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271284
|
- |
|
adobe
|
acrobat
acrobat_dc
acrobat_reader
acrobat_reader_dc
|
Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, Acrobat and Acrobat Reader DC Classic before 2015.006.30060, and Acrobat and Acrobat Reader DC Continuous before 2015.008.20082 o…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-3095
|
2024-11-21 11:28 |
2015-07-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271285
|
- |
|
juniper
|
junos
|
The Juniper SRX Series services gateways with Junos OS 12.1X46 before 12.1X46-D35, 12.1X47 before 12.1X47-D25, and 12.3X48 before 12.3X48-D15 do not properly implement the "set system ports console i…
|
CWE-284
Improper Access Control
|
CVE-2015-3007
|
2024-11-21 11:28 |
2015-07-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271286
|
- |
|
thoughtbot
|
paperclip
|
The thoughtbot paperclip gem before 4.2.2 for Ruby does not consider the content-type value during media-type validation, which allows remote attackers to upload HTML documents and conduct cross-site…
|
CWE-79
Cross-site Scripting
|
CVE-2015-2963
|
2024-11-21 11:28 |
2015-07-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271287
|
- |
|
lemon-s_php
|
simple_oekaki
|
index.php in LEMON-S PHP Simple Oekaki BBS before 1.21 allows remote attackers to delete arbitrary files via the oekakis parameter.
|
CWE-22
Path Traversal
|
CVE-2015-2970
|
2024-11-21 11:28 |
2015-07-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271288
|
- |
|
lemon-s_php
|
simple_oekaki_bbs
|
Cross-site scripting (XSS) vulnerability in index.php in LEMON-S PHP Simple Oekaki BBS before 1.21 allows remote attackers to inject arbitrary web script or HTML via the oekakis parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2015-2969
|
2024-11-21 11:28 |
2015-07-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271289
|
- |
|
cacti
|
cacti
|
Cross-site scripting (XSS) vulnerability in settings.php in Cacti before 0.8.8d allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2015-2967
|
2024-11-21 11:28 |
2015-07-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271290
|
- |
|
adobe
|
flash_player
air
air_sdk
air_sdk_\&_compiler
|
Use-after-free vulnerability in Adobe Flash Player before 13.0.0.302 and 14.x through 18.x before 18.0.0.203 on Windows and OS X and before 11.2.202.481 on Linux, Adobe AIR before 18.0.0.180, Adobe A…
|
NVD-CWE-Other
|
CVE-2015-3137
|
2024-11-21 11:28 |
2015-07-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
