|
271651
|
- |
|
cisco
|
ios_xr
|
Cisco IOS XR 5.2.1 allows remote attackers to cause a denial of service (ipv6_io service reload) via a malformed IPv6 packet, aka Bug ID CSCuq95565.
|
CWE-399
Resource Management Errors
|
CVE-2015-4191
|
2024-11-21 11:30 |
2015-06-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271652
|
- |
|
wp_smiley_project
|
wp_smiley
|
Cross-site request forgery (CSRF) vulnerability in the WP Smiley plugin 1.4.1 for WordPress allows remote attackers to hijack the authentication of editors for requests that conduct cross-site script…
|
CWE-352
Origin Validation Error
|
CVE-2015-4140
|
2024-11-21 11:30 |
2015-06-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271653
|
- |
|
wp_smiley_project
|
wp_smiley
|
Cross-site scripting (XSS) vulnerability in smilies4wp.php in the WP Smiley plugin 1.4.1 for WordPress allows remote authenticated users to inject arbitrary web script or HTML via the s4w-more parame…
|
CWE-79
Cross-site Scripting
|
CVE-2015-4139
|
2024-11-21 11:30 |
2015-06-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271654
|
- |
|
bonitasoft
|
bonita_bpm_portal
|
Directory traversal vulnerability in Bonita BPM Portal before 6.5.3 allows remote attackers to read arbitrary files via a .. (dot dot) in the theme parameter and a file path in the location parameter…
|
CWE-22
Path Traversal
|
CVE-2015-3897
|
2024-11-21 11:30 |
2015-06-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271655
|
- |
|
cacti
fedoraproject
|
cacti
fedora
|
SQL injection vulnerability in Cacti before 0.8.8d allows remote attackers to execute arbitrary SQL commands via unspecified vectors involving a cdef id.
|
CWE-89
SQL Injection
|
CVE-2015-4342
|
2024-11-21 11:30 |
2015-06-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271656
|
- |
|
xcloner
|
xcloner
|
Static code injection vulnerability in the XCloner plugin 3.1.2 for WordPress allows remote authenticated users to inject arbitrary PHP code into the language files via a Translation LM_FRONT_* field…
|
CWE-94
Code Injection
|
CVE-2015-4338
|
2024-11-21 11:30 |
2015-06-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271657
|
- |
|
xcloner
|
xcloner
|
Cross-site scripting (XSS) vulnerability in the XCloner plugin 3.1.2 for WordPress allows remote authenticated users to inject arbitrary web script or HTML via the excl_manual parameter in the xclone…
|
CWE-79
Cross-site Scripting
|
CVE-2015-4337
|
2024-11-21 11:30 |
2015-06-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271658
|
- |
|
xcloner
|
xcloner
|
cloner.functions.php in the XCloner plugin 3.1.2 for WordPress allows remote authenticated users to execute arbitrary commands via a file containing filenames with shell metacharacters, as demonstrat…
|
CWE-77
Command Injection
|
CVE-2015-4336
|
2024-11-21 11:30 |
2015-06-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271659
|
- |
|
cisco
|
prime_service_catalog
|
Cisco Cloud Portal in Cisco Prime Service Catalog 9.4.1_vortex on Cloud Portal appliances allows man-in-the-middle attackers to modify data via unspecified vectors, aka Bug ID CSCuh19683.
|
NVD-CWE-Other
|
CVE-2015-4190
|
2024-11-21 11:30 |
2015-06-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271660
|
- |
|
cisco
|
prime_collaboration
|
SQL injection vulnerability in the Manager interface in Cisco Prime Collaboration 10.5(1) allows remote attackers to execute arbitrary SQL commands via a crafted URL, aka Bug IDs CSCuu29910, CSCuu299…
|
CWE-89
SQL Injection
|
CVE-2015-4188
|
2024-11-21 11:30 |
2015-06-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
