|
271961
|
- |
|
oracle
djangoproject
fedoraproject
canonical
opensuse
|
solaris
django
fedora
ubuntu_linux
opensuse
|
The utils.html.strip_tags function in Django 1.6.x before 1.6.11, 1.7.x before 1.7.7, and 1.8.x before 1.8c1, when using certain versions of Python, allows remote attackers to cause a denial of servi…
|
CWE-399
Resource Management Errors
|
CVE-2015-2316
|
2024-11-21 11:27 |
2015-03-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271962
|
- |
|
solarwinds
|
firewall_security_manager
|
userlogin.jsp in SolarWinds Firewall Security Manager (FSM) before 6.6.5 HotFix1 allows remote attackers to gain privileges and execute arbitrary code via unspecified vectors, related to client sessi…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-2284
|
2024-11-21 11:27 |
2015-03-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271963
|
- |
|
canonical
linuxfoundation
|
ubuntu_linux
cups-filters
|
The remove_bad_chars function in utils/cups-browsed.c in cups-filters before 1.0.66 allows remote IPP printers to execute arbitrary commands via consecutive shell metacharacters in the (1) model or (…
|
CWE-77
Command Injection
|
CVE-2015-2265
|
2024-11-21 11:27 |
2015-03-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271964
|
- |
|
asus
|
rt-g32_firmware
|
Multiple cross-site scripting (XSS) vulnerabilities in the ASUS RT-G32 routers with firmware 2.0.2.6 and 2.0.3.2 allow remote attackers to inject arbitrary web script or HTML via the (1) next_page, (…
|
CWE-79
Cross-site Scripting
|
CVE-2015-2681
|
2024-11-21 11:27 |
2015-03-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271965
|
- |
|
metalgenix
|
genixcms
|
Cross-site request forgery (CSRF) vulnerability in MetalGenix GeniXCMS before 0.0.2 allows remote attackers to hijack the authentication of administrators for requests that add an administrator accou…
|
CWE-352
Origin Validation Error
|
CVE-2015-2680
|
2024-11-21 11:27 |
2015-03-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271966
|
- |
|
genixcms
|
genixcms
|
Multiple SQL injection vulnerabilities in MetalGenix GeniXCMS before 0.0.2 allow remote attackers to execute arbitrary SQL commands via the (1) page parameter to index.php or (2) username parameter t…
|
CWE-89
SQL Injection
|
CVE-2015-2679
|
2024-11-21 11:27 |
2015-03-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271967
|
- |
|
genixcms
|
genixcms
|
Multiple cross-site scripting (XSS) vulnerabilities in MetalGenix GeniXCMS before 0.0.2 allow remote attackers to inject arbitrary web script or HTML via the (1) cat parameter in the categories page …
|
CWE-79
Cross-site Scripting
|
CVE-2015-2678
|
2024-11-21 11:27 |
2015-03-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271968
|
- |
|
ocportal
|
ocportal
|
Multiple cross-site scripting (XSS) vulnerabilities in ocPortal before 9.0.17 allow remote authenticated users to inject arbitrary web script or HTML via the (1) title or (2) text field in the cms_ca…
|
CWE-79
Cross-site Scripting
|
CVE-2015-2677
|
2024-11-21 11:27 |
2015-03-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271969
|
- |
|
asus
|
rt-g32_firmware
|
Cross-site request forgery (CSRF) vulnerability in the ASUS RT-G32 routers with firmware 2.0.2.6 and 2.0.3.2 allows remote attackers to hijack the authentication of administrators for requests that c…
|
CWE-352
Origin Validation Error
|
CVE-2015-2676
|
2024-11-21 11:27 |
2015-03-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271970
|
- |
|
s9y
|
serendipity
|
Cross-site scripting (XSS) vulnerability in templates/2k11/admin/entries.tpl in Serendipity before 2.0.1 allows remote authenticated editors to inject arbitrary web script or HTML via the serendipity…
|
CWE-79
Cross-site Scripting
|
CVE-2015-2289
|
2024-11-21 11:27 |
2015-03-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
