|
273841
|
- |
|
colorlib
|
fancybox
|
The FancyBox for WordPress plugin before 3.0.3 for WordPress does not properly restrict access, which allows remote attackers to conduct cross-site scripting (XSS) attacks via an mfbfw[*] parameter i…
|
CWE-79
Cross-site Scripting
|
CVE-2015-1494
|
2024-11-21 11:25 |
2015-02-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273842
|
- |
|
rhodecode
|
rhodecode_enterprise
|
RhodeCode before 2.2.7 allows remote authenticated users to obtain API keys and other sensitive information via the (1) update_repo, (2) get_locks, or (3) get_user_groups API method.
|
CWE-200
Information Exposure
|
CVE-2015-1613
|
2024-11-21 11:25 |
2015-02-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273843
|
- |
|
solarwinds
|
server_and_application_monitor
|
The factory.loadExtensionFactory function in TSUnicodeGraphEditorControl in SolarWinds Server and Application Monitor (SAM) allow remote attackers to execute arbitrary code via a UNC path to a crafte…
|
CWE-94
Code Injection
|
CVE-2015-1501
|
2024-11-21 11:25 |
2015-02-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273844
|
- |
|
solarwinds
|
server_and_application_monitor
|
Multiple stack-based buffer overflows in the TSUnicodeGraphEditorControl in SolarWinds Server and Application Monitor (SAM) allow remote attackers to execute arbitrary code via unspecified vectors to…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-1500
|
2024-11-21 11:25 |
2015-02-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273845
|
- |
|
samsung
|
samsung_security_manager
|
The ActiveMQ Broker in Samsung Security Manager (SSM) before 1.31 allows remote attackers to delete arbitrary files, and consequently cause a denial of service, via a DELETE request.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-1499
|
2024-11-21 11:25 |
2015-02-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273846
|
- |
|
persistent_systems
|
radia_client_automation
|
Persistent Systems Radia Client Automation does not properly restrict access to certain request, which allows remote attackers to (1) enumerate user accounts via a getUsers request, (2) assign a role…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-1498
|
2024-11-21 11:25 |
2015-02-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273847
|
- |
|
persistent_systems
|
radia_client_automation
|
radexecd.exe in Persistent Systems Radia Client Automation (RCA) 7.9, 8.1, 9.0, and 9.1 allows remote attackers to execute arbitrary commands via a crafted request to TCP port 3465.
|
CWE-94
Code Injection
|
CVE-2015-1497
|
2024-11-21 11:25 |
2015-02-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273848
|
- |
|
motorola
|
motorola_scanner_sdk
|
Motorola Scanner SDK uses weak permissions for (1) CoreScanner.exe, (2) rsmdriverproviderservice.exe, and (3) ScannerService.exe, which allows local users to gain privileges via unspecified vectors.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-1496
|
2024-11-21 11:25 |
2015-02-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273849
|
- |
|
motorola
|
motorola_scanner_sdk
|
Multiple stack-based buffer overflows in Motorola Scanner SDK allow remote attackers to execute arbitrary code via a crafted string to the Open method in (1) IOPOSScanner.ocx or (2) IOPOSScale.ocx.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-1495
|
2024-11-21 11:25 |
2015-02-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273850
|
- |
|
easing_slider_project
|
easing_slider
|
Cross-site scripting (XSS) vulnerability in the Easing Slider plugin before 2.2.0.7 for WordPress allows remote attackers to inject arbitrary web script or HTML via the edit parameter in the (1) easi…
|
CWE-79
Cross-site Scripting
|
CVE-2015-1436
|
2024-11-21 11:25 |
2015-02-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
