|
273541
|
- |
|
etouch
|
samepage
|
Directory traversal vulnerability in cm/newui/blog/export.jsp in eTouch SamePage Enterprise Edition 4.4.0.0.239 allows remote authenticated users to read arbitrary files via a .. (dot dot) in the fil…
|
CWE-22
Path Traversal
|
CVE-2015-2071
|
2024-11-21 11:26 |
2015-02-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273542
|
- |
|
etouch
|
samepage
|
SQL injection vulnerability in eTouch SamePage Enterprise Edition 4.4.0.0.239 allows remote attackers to execute arbitrary SQL commands via the catId parameter to cm/blogrss/feed.
|
CWE-89
SQL Injection
|
CVE-2015-2070
|
2024-11-21 11:26 |
2015-02-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273543
|
- |
|
woothemes
|
woocommerce
|
Cross-site scripting (XSS) vulnerability in the WooCommerce plugin before 2.2.11 for WordPress allows remote attackers to inject arbitrary web script or HTML via the QUERY_STRING in the wc-reports pa…
|
CWE-79
Cross-site Scripting
|
CVE-2015-2069
|
2024-11-21 11:26 |
2015-02-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273544
|
- |
|
magmi_project
|
magmi
|
Multiple cross-site scripting (XSS) vulnerabilities in the MAGMI (aka Magento Mass Importer) plugin for Magento Server allow remote attackers to inject arbitrary web script or HTML via the (1) profil…
|
CWE-79
Cross-site Scripting
|
CVE-2015-2068
|
2024-11-21 11:26 |
2015-02-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273545
|
- |
|
magmi_project
|
magmi
|
Directory traversal vulnerability in web/ajax_pluginconf.php in the MAGMI (aka Magento Mass Importer) plugin for Magento Server allows remote attackers to read arbitrary files via a .. (dot dot) in t…
|
CWE-22
Path Traversal
|
CVE-2015-2067
|
2024-11-21 11:26 |
2015-02-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273546
|
- |
|
dlguard
|
dlguard
|
SQL injection vulnerability in DLGuard 4.5 allows remote attackers to execute arbitrary SQL commands via the c parameter to index.php.
|
CWE-89
SQL Injection
|
CVE-2015-2066
|
2024-11-21 11:26 |
2015-02-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273547
|
- |
|
apptha
|
wordpress_video_gallery
|
SQL injection vulnerability in videogalleryrss.php in the Apptha WordPress Video Gallery (contus-video-gallery) plugin before 2.8 for WordPress allows remote attackers to execute arbitrary SQL comman…
|
CWE-89
SQL Injection
|
CVE-2015-2065
|
2024-11-21 11:26 |
2015-02-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273548
|
- |
|
dlguard
|
dlguard
|
Multiple cross-site scripting (XSS) vulnerabilities in DLGuard 5, 4.6, and 4.5 allow remote attackers to inject arbitrary web script or HTML via the (1) page, (2) c, or (3) redirect parameter to inde…
|
CWE-79
Cross-site Scripting
|
CVE-2015-2064
|
2024-11-21 11:26 |
2015-02-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273549
|
- |
|
openstack
|
image_registry_and_delivery_service_\(glance\)
|
OpenStack Image Registry and Delivery Service (Glance) 2014.2 through 2014.2.2 does not properly remove images, which allows remote authenticated users to cause a denial of service (disk consumption)…
|
CWE-399
Resource Management Errors
|
CVE-2015-1881
|
2024-11-21 11:26 |
2015-02-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273550
|
- |
|
zhone_technologies
|
gpon_2520_firmware
|
Zhone GPON 2520 with firmware R4.0.2.566b allows remote attackers to cause a denial of service via a long string in the oldpassword parameter.
|
CWE-20
Improper Input Validation
|
CVE-2015-2055
|
2024-11-21 11:26 |
2015-02-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
