|
274351
|
- |
|
ajsquare
|
zeuscart
|
Multiple cross-site scripting (XSS) vulnerabilities in ZeusCart 4 allow remote attackers to inject arbitrary web script or HTML via the (1) schltr parameter in a brands action or (2) brand parameter …
|
CWE-79
Cross-site Scripting
|
CVE-2015-2182
|
2024-11-21 11:26 |
2015-03-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274352
|
- |
|
palosanto
|
elastix
|
SQL injection vulnerability in a2billing/customer/iridium_threed.php in Elastix 2.5.0 and earlier allows remote attackers to execute arbitrary SQL commands via the transactionID parameter.
|
CWE-89
SQL Injection
|
CVE-2015-1875
|
2024-11-21 11:26 |
2015-03-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274353
|
- |
|
ajsquare
|
zeuscart
|
ZeusCart 4 allows remote attackers to obtain configuration information via a getphpinfo action to admin/, which calls the phpinfo function.
|
CWE-200
Information Exposure
|
CVE-2015-2184
|
2024-11-21 11:26 |
2015-03-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274354
|
- |
|
zeuscart
|
zeuscart
|
Multiple SQL injection vulnerabilities in the administrative backend in ZeusCart 4 allow remote administrators to execute arbitrary SQL commands via the id parameter in a (1) disporders detail or (2)…
|
CWE-89
SQL Injection
|
CVE-2015-2183
|
2024-11-21 11:26 |
2015-03-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274355
|
- |
|
cfdbplugin
|
contact_form_db
|
Cross-site request forgery (CSRF) vulnerability in the Contact Form DB (aka CFDB and contact-form-7-to-database-extension) plugin before 2.8.32 for WordPress allows remote attackers to hijack the aut…
|
CWE-352
Origin Validation Error
|
CVE-2015-1874
|
2024-11-21 11:26 |
2015-03-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274356
|
- |
|
webgateinc
|
edvr_manager
|
Use-after-free vulnerability in the Connect function in the WESPMonitor.WESPMonitorCtrl.1 ActiveX control in WebGate eDVR Manager allows remote attackers to execute arbitrary code via an invalid IP a…
|
NVD-CWE-Other
|
CVE-2015-2096
|
2024-11-21 11:26 |
2015-03-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274357
|
- |
|
webgateinc
|
edvr_manager
|
Heap-based buffer overflow in the SetConnectInfo function in the WESPPTZ.WESPPTZCtrl.1 ActiveX control in WebGate eDVR Manager allows remote attackers to execute arbitrary code via crafted arguments.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-2095
|
2024-11-21 11:26 |
2015-03-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274358
|
- |
|
webgateinc
|
winrds
|
Stack-based buffer overflow in the WESPPlayback.WESPPlaybackCtrl.1 control in WebGate WinRDS allows remote attackers to execute arbitrary code via unspecified vectors to the (1) PrintSiteImage, (2) P…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-2094
|
2024-11-21 11:26 |
2015-03-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274359
|
- |
|
webgateinc
|
webeyeaudio
|
Stack-based buffer overflow in the Connect function in the WebGate WebEyeAudio ActiveX control allows remote attackers to execute arbitrary code via a crafted value.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-2093
|
2024-11-21 11:26 |
2015-03-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274360
|
- |
|
agilent_technologies
|
feature_extraction
|
The AnnotationX.AnnList.1 ActiveX control in Agilent Technologies Feature Extraction allows remote attackers to execute arbitrary code via a crafted object parameter in the Insert function, related t…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-2092
|
2024-11-21 11:26 |
2015-03-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
