|
272641
|
- |
|
citrix
|
netscaler
|
The Nitro API in Citrix NetScaler before 10.5 build 52.3nc uses an incorrect Content-Type when returning an error message, which allows remote attackers to conduct cross-site scripting (XSS) attacks …
|
CWE-79
Cross-site Scripting
|
CVE-2015-2839
|
2024-11-21 11:28 |
2015-04-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272642
|
- |
|
citrix
|
netscaler
|
Cross-site request forgery (CSRF) vulnerability in Nitro API in Citrix NetScaler before 10.5 build 52.3nc allows remote attackers to hijack the authentication of administrators for requests that exec…
|
CWE-352
Origin Validation Error
|
CVE-2015-2838
|
2024-11-21 11:28 |
2015-04-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272643
|
- |
|
typo3
|
neos
|
TYPO3 Neos 1.1.x before 1.1.3 and 1.2.x before 1.2.3 allows remote editors to access, create, and modify content nodes in the workspace of other editors via unspecified vectors.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-2821
|
2024-11-21 11:28 |
2015-04-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272644
|
- |
|
sap
|
afaria
|
Buffer overflow in XcListener in SAP Afaria 7.0.6001.5 allows remote attackers to cause a denial of service (process termination) via a crafted request, aka SAP Security Note 2132584.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-2820
|
2024-11-21 11:28 |
2015-04-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272645
|
- |
|
sap
|
sql_anywhere
|
SAP Sybase SQL Anywhere 11 and 16 allows remote attackers to cause a denial of service (crash) via a crafted request, aka SAP Security Note 2108161.
|
CWE-20
Improper Input Validation
|
CVE-2015-2819
|
2024-11-21 11:28 |
2015-04-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272646
|
- |
|
sap
|
mobile_platform
|
XML external entity (XXE) vulnerability in SAP Mobile Platform 3 allows remote attackers to send requests to intranet servers via crafted XML, aka SAP Security Note 2125513.
|
NVD-CWE-Other
|
CVE-2015-2818
|
2024-11-21 11:28 |
2015-04-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272647
|
- |
|
sap
|
netweaver
|
The SAP Management Console in SAP NetWeaver 7.40 allows remote attackers to obtain sensitive information via the ReadProfile parameters, aka SAP Security Note 2091768.
|
CWE-200
Information Exposure
|
CVE-2015-2817
|
2024-11-21 11:28 |
2015-04-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272648
|
- |
|
sap
|
afaria
|
The XcListener in SAP Afaria 7.0.6001.5 does not properly restrict access, which allows remote attackers to have unspecified impact via a crafted request, aka SAP Security Note 2134905.
|
CWE-284
Improper Access Control
|
CVE-2015-2816
|
2024-11-21 11:28 |
2015-04-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272649
|
- |
|
sap
|
netweaver
|
Buffer overflow in the C_SAPGPARAM function in the NetWeaver Dispatcher in SAP KERNEL 7.00 (7000.52.12.34966) and 7.40 (7400.12.21.30308) allows remote authenticated users to cause a denial of servic…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-2815
|
2024-11-21 11:28 |
2015-04-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272650
|
- |
|
sap
|
clinical_task_tracker
emr_unwired
|
SAP EMR Unwired (com.sap.mobile.healthcare.emr.v2) and Clinical Task Tracker (com.sap.mobile.healthcare.ctt) does not properly restrict access, which allows remote attackers to change the backendurl,…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-2814
|
2024-11-21 11:28 |
2015-04-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
