|
274191
|
- |
|
phpbb
|
phpbb
|
The message_options function in includes/ucp/ucp_pm_options.php in phpBB before 3.0.13 does not properly validate the form key, which allows remote attackers to conduct CSRF attacks and change the fu…
|
CWE-352
Origin Validation Error
|
CVE-2015-1432
|
2024-11-21 11:25 |
2015-02-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274192
|
- |
|
phpbb
|
phpbb
|
Cross-site scripting (XSS) vulnerability in includes/startup.php in phpBB before 3.0.13 allows remote attackers to inject arbitrary web script or HTML via vectors related to "Relative Path Overwrite."
|
CWE-79
Cross-site Scripting
|
CVE-2015-1431
|
2024-11-21 11:25 |
2015-02-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274193
|
- |
|
studio.gd
|
gd_infinite_scroll
|
Cross-site request forgery (CSRF) vulnerability in the GD Infinite Scroll module before 7.x-1.4 for Drupal allows remote attackers to hijack the authentication of users with the "edit gd infinite scr…
|
CWE-352
Origin Validation Error
|
CVE-2015-1568
|
2024-11-21 11:25 |
2015-02-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274194
|
- |
|
epignosis
|
efront
|
Multiple cross-site request forgery (CSRF) vulnerabilities in administrator.php in Epignosis eFront Open Source Edition before 3.6.15.3 build 18022 allow remote attackers to hijack the authentication…
|
CWE-352
Origin Validation Error
|
CVE-2015-1559
|
2024-11-21 11:25 |
2015-02-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274195
|
- |
|
studio.gd
|
gd_infinite_scroll
|
Cross-site scripting (XSS) vulnerability in the admin page in the GD Infinite Scroll module before 7.x-1.4 for Drupal allows remote authenticated users with the "edit gd infinite scroll settings" per…
|
CWE-79
Cross-site Scripting
|
CVE-2015-1567
|
2024-11-21 11:25 |
2015-02-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274196
|
- |
|
hitachi
|
device_manager
replication_manager
tiered_storage_manager
compute_systems_manager
global_link_manager
|
Cross-site scripting (XSS) vulnerability in the online help in Hitachi Device Manager, Tiered Storage Manager, Replication Manager, and Global Link Manager before 8.1.2-00, and Compute Systems Manage…
|
CWE-79
Cross-site Scripting
|
CVE-2015-1565
|
2024-11-21 11:25 |
2015-02-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274197
|
- |
|
plainblack
|
webgui
|
Cross-site scripting (XSS) vulnerability in style-underground/search in Plain Black WebGUI 7.10.29 and earlier allows remote attackers to inject arbitrary web script or HTML via the Search field.
|
CWE-79
Cross-site Scripting
|
CVE-2015-1564
|
2024-11-21 11:25 |
2015-02-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274198
|
- |
|
xen
fedoraproject
|
xen
fedora
|
The ARM GIC distributor virtualization in Xen 4.4.x and 4.5.x allows local guests to cause a denial of service by causing a large number messages to be logged.
|
CWE-399
Resource Management Errors
|
CVE-2015-1563
|
2024-11-21 11:25 |
2015-02-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274199
|
- |
|
saurus
|
saurus_cms
|
Multiple cross-site scripting (XSS) vulnerabilities in Saurus CMS 4.7.0 allow remote attackers to inject arbitrary web script or HTML via the (1) search parameter to admin/user_management.php, (2) da…
|
CWE-79
Cross-site Scripting
|
CVE-2015-1562
|
2024-11-21 11:25 |
2015-02-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274200
|
- |
|
digium
|
asterisk
|
Asterisk Open Source 12.x before 12.8.1 and 13.x before 13.1.1, when using the PJSIP channel driver, does not properly reclaim RTP ports, which allows remote authenticated users to cause a denial of …
|
CWE-399
Resource Management Errors
|
CVE-2015-1558
|
2024-11-21 11:25 |
2015-02-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
