|
269581
|
- |
|
codepeople
|
appointment_booking_calendar
|
SQL injection vulnerability in cpabc_appointments_admin_int_calendar_list.inc.php in the Appointment Booking Calendar plugin before 1.1.8 for WordPress allows remote attackers to execute arbitrary SQ…
|
CWE-89
SQL Injection
|
CVE-2015-7319
|
2024-11-21 11:36 |
2015-09-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269582
|
- |
|
zohocorp
|
manageengine_eventlog_analyzer
|
ZOHO ManageEngine EventLog Analyzer 10.6 build 10060 and earlier allows remote attackers to bypass intended restrictions and execute arbitrary SQL commands via an allowed query followed by a disallow…
|
CWE-89
SQL Injection
|
CVE-2015-7387
|
2024-11-21 11:36 |
2015-09-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269583
|
- |
|
ghozylab
|
gallery_-_photo_albums_-_portfolio
|
Multiple cross-site scripting (XSS) vulnerabilities in includes/metaboxes.php in the Gallery - Photo Albums - Portfolio plugin 1.3.47 for WordPress allow remote authenticated users to inject arbitrar…
|
CWE-79
Cross-site Scripting
|
CVE-2015-7386
|
2024-11-21 11:36 |
2015-09-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269584
|
- |
|
refbase
|
refbase
|
Multiple cross-site scripting (XSS) vulnerabilities in Web Reference Database (aka refbase) through 0.9.6 and bleeding-edge through 2015-04-28 allow remote attackers to inject arbitrary web script or…
|
CWE-79
Cross-site Scripting
|
CVE-2015-7383
|
2024-11-21 11:36 |
2015-09-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269585
|
- |
|
refbase
|
refbase
|
SQL injection vulnerability in install.php in Web Reference Database (aka refbase) through 0.9.6 allows remote attackers to execute arbitrary SQL commands via the defaultCharacterSet parameter, a dif…
|
CWE-89
SQL Injection
|
CVE-2015-7382
|
2024-11-21 11:36 |
2015-09-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269586
|
- |
|
refbase
|
refbase
|
Multiple PHP remote file inclusion vulnerabilities in install.php in Web Reference Database (aka refbase) through 0.9.6 allow remote attackers to execute arbitrary PHP code via the (1) pathToMYSQL or…
|
CWE-94
Code Injection
|
CVE-2015-7381
|
2024-11-21 11:36 |
2015-09-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269587
|
- |
|
indusoft
|
web_studio
|
Schneider Electric InduSoft Web Studio before 8.0 allows remote attackers to execute arbitrary code or cause a denial of service (unhandled runtime exception and application crash) via a crafted Indu…
|
CWE-20
Improper Input Validation
|
CVE-2015-7375
|
2024-11-21 11:36 |
2015-09-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269588
|
- |
|
indusoft
|
web_studio
|
The Remote Agent component in Schneider Electric InduSoft Web Studio before 8.0 allows remote attackers to execute arbitrary code via unspecified vectors, aka ZDI-CAN-2649.
|
CWE-20
Improper Input Validation
|
CVE-2015-7374
|
2024-11-21 11:36 |
2015-09-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269589
|
- |
|
mozilla
|
firefox
|
Mozilla Firefox before 41.0 does not properly restrict the availability of High Resolution Time API times, which allows remote attackers to track last-level cache access, and consequently obtain sens…
|
CWE-200
Information Exposure
|
CVE-2015-7327
|
2024-11-21 11:36 |
2015-09-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269590
|
- |
|
mozilla
|
firefox
|
The ReadbackResultWriterD3D11::Run function in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 misinterprets the return value of a function call, which might allow remote attackers to ca…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-7180
|
2024-11-21 11:36 |
2015-09-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
