|
273091
|
- |
|
canonical
linuxfoundation
|
ubuntu_linux
cups-filters
|
The remove_bad_chars function in utils/cups-browsed.c in cups-filters before 1.0.66 allows remote IPP printers to execute arbitrary commands via consecutive shell metacharacters in the (1) model or (…
|
CWE-77
Command Injection
|
CVE-2015-2265
|
2024-11-21 11:27 |
2015-03-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273092
|
- |
|
asus
|
rt-g32_firmware
|
Multiple cross-site scripting (XSS) vulnerabilities in the ASUS RT-G32 routers with firmware 2.0.2.6 and 2.0.3.2 allow remote attackers to inject arbitrary web script or HTML via the (1) next_page, (…
|
CWE-79
Cross-site Scripting
|
CVE-2015-2681
|
2024-11-21 11:27 |
2015-03-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273093
|
- |
|
metalgenix
|
genixcms
|
Cross-site request forgery (CSRF) vulnerability in MetalGenix GeniXCMS before 0.0.2 allows remote attackers to hijack the authentication of administrators for requests that add an administrator accou…
|
CWE-352
Origin Validation Error
|
CVE-2015-2680
|
2024-11-21 11:27 |
2015-03-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273094
|
- |
|
genixcms
|
genixcms
|
Multiple SQL injection vulnerabilities in MetalGenix GeniXCMS before 0.0.2 allow remote attackers to execute arbitrary SQL commands via the (1) page parameter to index.php or (2) username parameter t…
|
CWE-89
SQL Injection
|
CVE-2015-2679
|
2024-11-21 11:27 |
2015-03-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273095
|
- |
|
genixcms
|
genixcms
|
Multiple cross-site scripting (XSS) vulnerabilities in MetalGenix GeniXCMS before 0.0.2 allow remote attackers to inject arbitrary web script or HTML via the (1) cat parameter in the categories page …
|
CWE-79
Cross-site Scripting
|
CVE-2015-2678
|
2024-11-21 11:27 |
2015-03-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273096
|
- |
|
ocportal
|
ocportal
|
Multiple cross-site scripting (XSS) vulnerabilities in ocPortal before 9.0.17 allow remote authenticated users to inject arbitrary web script or HTML via the (1) title or (2) text field in the cms_ca…
|
CWE-79
Cross-site Scripting
|
CVE-2015-2677
|
2024-11-21 11:27 |
2015-03-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273097
|
- |
|
asus
|
rt-g32_firmware
|
Cross-site request forgery (CSRF) vulnerability in the ASUS RT-G32 routers with firmware 2.0.2.6 and 2.0.3.2 allows remote attackers to hijack the authentication of administrators for requests that c…
|
CWE-352
Origin Validation Error
|
CVE-2015-2676
|
2024-11-21 11:27 |
2015-03-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273098
|
- |
|
s9y
|
serendipity
|
Cross-site scripting (XSS) vulnerability in templates/2k11/admin/entries.tpl in Serendipity before 2.0.1 allows remote authenticated editors to inject arbitrary web script or HTML via the serendipity…
|
CWE-79
Cross-site Scripting
|
CVE-2015-2289
|
2024-11-21 11:27 |
2015-03-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273099
|
- |
|
projectsend
|
projectsend
|
SQL injection vulnerability in client-edit.php in ProjectSend (formerly cFTP) r561 allows remote authenticated users to execute arbitrary SQL commands via the id parameter to users-edit.php.
|
CWE-89
SQL Injection
|
CVE-2015-2564
|
2024-11-21 11:27 |
2015-03-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273100
|
- |
|
vastal
|
phpvid
|
SQL injection vulnerability in groups.php in Vastal I-Tech phpVID 0.9.9 and 1.2.3 allows remote attackers to execute arbitrary SQL commands via the order_by parameter. NOTE: The cat parameter vector…
|
CWE-89
SQL Injection
|
CVE-2015-2563
|
2024-11-21 11:27 |
2015-03-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
