|
272291
|
6.1 |
MEDIUM
Network
|
pivotal_software
cloudfoundry
|
cloud_foundry_elastic_runtime
cloud_foundry_uaa
cf-release
|
With Cloud Foundry Runtime cf-release versions v209 or earlier, UAA Standalone versions 2.2.6 or earlier and Pivotal Cloud Foundry Runtime 1.4.5 or earlier the UAA logout link is susceptible to an op…
|
CWE-601
Open Redirect
|
CVE-2015-3190
|
2024-11-21 11:28 |
2017-05-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272292
|
8.8 |
HIGH
Network
|
pivotal_software
cloudfoundry
|
cloud_foundry_elastic_runtime
cloud_foundry_uaa
cf-release
|
With Cloud Foundry Runtime cf-release versions v209 or earlier, UAA Standalone versions 2.2.6 or earlier and Pivotal Cloud Foundry Runtime 1.4.5 or earlier the change_email form in UAA is vulnerable …
|
CWE-352
Origin Validation Error
|
CVE-2015-3191
|
2024-11-21 11:28 |
2017-05-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272293
|
3.7 |
LOW
Network
|
pivotal_software
cloudfoundry
|
cloud_foundry_elastic_runtime
cloud_foundry_uaa
cf-release
|
With Cloud Foundry Runtime cf-release versions v208 or earlier, UAA Standalone versions 2.2.5 or earlier and Pivotal Cloud Foundry Runtime 1.4.5 or earlier, old Password Reset Links are not expired a…
|
CWE-640
Weak Password Recovery Mechanism for Forgotten Password
|
CVE-2015-3189
|
2024-11-21 11:28 |
2017-05-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272294
|
9.1 |
CRITICAL
Network
|
grabacr.net
|
kancolleviewer
|
KanColleViewer versions 3.8.1 and earlier operates as an open proxy which allows remote attackers to trigger outbound network traffic.
|
CWE-441
Confused Deputy
|
CVE-2015-2947
|
2024-11-21 11:28 |
2017-04-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272295
|
8.8 |
HIGH
Network
|
summerinfant
|
baby_zoom_wifi_monitor_firmware
|
Summer Baby Zoom Wifi Monitor & Internet Viewing System allows remote attackers to gain privileges via manual entry of a Settings URL.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-2889
|
2024-11-21 11:28 |
2017-04-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272296
|
9.8 |
CRITICAL
Network
|
summerinfant
|
baby_zoom_wifi_monitor_firmware
|
Summer Baby Zoom Wifi Monitor & Internet Viewing System allows remote attackers to bypass authentication, related to the MySnapCam web service.
|
CWE-306
Missing Authentication for Critical Function
|
CVE-2015-2888
|
2024-11-21 11:28 |
2017-04-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272297
|
9.8 |
CRITICAL
Network
|
ibaby
|
m3s_baby_monitor_firmware
|
iBaby M3S has a password of admin for the backdoor admin account.
|
CWE-798
Use of Hard-coded Credentials
|
CVE-2015-2887
|
2024-11-21 11:28 |
2017-04-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272298
|
7.5 |
HIGH
Network
|
ibaby
|
m6_baby_monitor_firmware
|
iBaby M6 allows remote attackers to obtain sensitive information, related to the ibabycloud.com service.
|
CWE-200
Information Exposure
|
CVE-2015-2886
|
2024-11-21 11:28 |
2017-04-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272299
|
9.8 |
CRITICAL
Network
|
lens_laboratories
|
peek-a-view_firmware
|
Lens Peek-a-View has a password of 2601hx for the backdoor admin account, a password of user for the backdoor user account, and a password of guest for the backdoor guest account.
|
CWE-798
Use of Hard-coded Credentials
|
CVE-2015-2885
|
2024-11-21 11:28 |
2017-04-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272300
|
7.5 |
HIGH
Network
|
philips
|
in.sight_b120\\37
|
Philips In.Sight B120/37 allows remote attackers to obtain sensitive information via a direct request, related to yoics.net URLs, stream.m3u8 URIs, and cam_service_enable.cgi.
|
CWE-200
Information Exposure
|
CVE-2015-2884
|
2024-11-21 11:28 |
2017-04-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
