|
273561
|
- |
|
piwigo
|
piwigo
|
Cross-site scripting (XSS) vulnerability in the administrative backend in Piwigo before 2.7.4 allows remote attackers to inject arbitrary web script or HTML via the page parameter to admin.php.
|
CWE-79
Cross-site Scripting
|
CVE-2015-2034
|
2024-11-21 11:26 |
2015-02-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273562
|
- |
|
infoblox
|
netmri
|
Anyterm Daemon in Infoblox Network Automation NetMRI before NETMRI-23483 allows remote attackers to execute arbitrary commands with root privileges via a crafted terminal/anyterm-module request.
|
CWE-287
Improper Authentication
|
CVE-2015-2033
|
2024-11-21 11:26 |
2015-02-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273563
|
- |
|
google_doc_embedder
|
google_doc_embedder
|
Cross-site scripting (XSS) vulnerability in the Google Doc Embedder plugin before 2.5.19 for WordPress allows remote attackers to inject arbitrary web script or HTML via the profile parameter in an e…
|
CWE-79
Cross-site Scripting
|
CVE-2015-1879
|
2024-11-21 11:26 |
2015-02-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273564
|
8.8 |
HIGH
Network
|
hp
|
airwave
|
Aruba AirWave before 8.0.7 allows bypass of a CSRF protection mechanism.
|
CWE-352
Origin Validation Error
|
CVE-2015-1391
|
2024-11-21 11:25 |
2023-09-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273565
|
6.1 |
MEDIUM
Network
|
hp
|
airwave
|
Aruba AirWave before 8.0.7 allows XSS attacks agsinat an administrator.
|
CWE-79
Cross-site Scripting
|
CVE-2015-1390
|
2024-11-21 11:25 |
2023-09-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273566
|
6.5 |
MEDIUM
Network
|
jetbrains
|
teamcity
|
JetBrains TeamCity 8 and 9 before 9.0.2 allows bypass of account-creation restrictions via a crafted request because the required request data can be deduced by reading HTML and JavaScript files that…
|
CWE-425
Direct Request ('Forced Browsing')
|
CVE-2015-1313
|
2024-11-21 11:25 |
2023-06-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273567
|
8.8 |
HIGH
Network
|
atutor
|
atutor
|
Multiple cross-site request forgery (CSRF) vulnerabilities in ATutor 2.2 allow remote attackers to hijack the authentication of administrators for requests that (1) create an administrator account vi…
|
CWE-352
Origin Validation Error
|
CVE-2015-1583
|
2024-11-21 11:25 |
2020-03-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273568
|
9.8 |
CRITICAL
Network
|
jakweb
|
gecko_cms
|
JAKWEB Gecko CMS has Multiple Input Validation Vulnerabilities
|
CWE-20
Improper Input Validation
|
CVE-2015-1425
|
2024-11-21 11:25 |
2020-02-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273569
|
5.4 |
MEDIUM
Network
|
10web
|
photo_gallery
|
Multiple cross-site scripting (XSS) vulnerabilities in the Photo Gallery plugin before 1.2.11 for WordPress allow remote authenticated users to inject arbitrary web script or HTML via the (1) sort_by…
|
CWE-79
Cross-site Scripting
|
CVE-2015-1394
|
2024-11-21 11:25 |
2020-02-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273570
|
7.8 |
HIGH
Local
|
google
|
android
|
media/libmedia/IAudioPolicyService.cpp in Android before 5.1 allows attackers to execute arbitrary code with media_server privileges or cause a denial of service (integer overflow) via a crafted appl…
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2015-1530
|
2024-11-21 11:25 |
2020-01-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
