|
270291
|
- |
|
apple
|
safari
|
The Safari Extensions implementation in Apple Safari before 9 does not require user confirmation before replacing an installed extension, which has unspecified impact and attack vectors.
|
CWE-20
Improper Input Validation
|
CVE-2015-5780
|
2024-11-21 11:33 |
2015-10-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270292
|
- |
|
cybozu
|
garoon
|
Cybozu Garoon 3.x through 3.7.5 and 4.x through 4.0.3 mishandles authentication requests, which allows remote authenticated users to conduct LDAP injection attacks, and consequently bypass intended l…
|
CWE-287
Improper Authentication
|
CVE-2015-5649
|
2024-11-21 11:33 |
2015-10-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270293
|
- |
|
python
|
python
|
Untrusted search path vulnerability in python.exe in Python through 3.5.0 on Windows allows local users to gain privileges via a Trojan horse readline.pyd file in the current working directory. NOTE…
|
NVD-CWE-Other
|
CVE-2015-5652
|
2024-11-21 11:33 |
2015-10-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270294
|
- |
|
ajaxplorer
|
ajaxplorer
|
Directory traversal vulnerability in AjaXplorer 2.0 allows remote attackers to read arbitrary files via unspecified vectors.
|
CWE-22
Path Traversal
|
CVE-2015-5650
|
2024-11-21 11:33 |
2015-10-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270295
|
- |
|
icz
|
matchasns
|
ICZ MATCHA SNS before 1.3.7 allows remote authenticated users to obtain administrative privileges via unspecified vectors.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-5645
|
2024-11-21 11:33 |
2015-10-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270296
|
- |
|
icz
|
matchasns
|
The installer in ICZ MATCHA SNS before 1.3.7 does not properly configure the database, which allows remote attackers to execute arbitrary PHP code via unspecified vectors.
|
CWE-94
Code Injection
|
CVE-2015-5644
|
2024-11-21 11:33 |
2015-10-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270297
|
- |
|
icz
|
matchasns
|
The installer in ICZ MATCHA INVOICE before 2.5.7 does not properly configure the database, which allows remote attackers to execute arbitrary PHP code via unspecified vectors.
|
CWE-94
Code Injection
|
CVE-2015-5643
|
2024-11-21 11:33 |
2015-10-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270298
|
- |
|
icz
|
matchasns
|
Multiple SQL injection vulnerabilities in ICZ MATCHA INVOICE before 2.5.7 allow remote authenticated users to execute arbitrary SQL commands via unspecified vectors.
|
CWE-89
SQL Injection
|
CVE-2015-5642
|
2024-11-21 11:33 |
2015-10-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270299
|
- |
|
basercms
|
basercms
|
SQL injection vulnerability in baserCMS before 3.0.8 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors.
|
CWE-89
SQL Injection
|
CVE-2015-5641
|
2024-11-21 11:33 |
2015-10-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270300
|
- |
|
basercms
|
basercms
|
baserCMS before 3.0.8 allows remote authenticated users to modify arbitrary user settings via a crafted request.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-5640
|
2024-11-21 11:33 |
2015-10-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
