|
273851
|
- |
|
mylittleforum
|
my_little_forum
|
Cross-site scripting (XSS) vulnerability in my little forum before 2.3.4 allows remote attackers to inject arbitrary web script or HTML via the back parameter to index.php.
|
CWE-79
Cross-site Scripting
|
CVE-2015-1435
|
2024-11-21 11:25 |
2015-02-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273852
|
- |
|
mylittleforum
|
my_little_forum
|
Multiple SQL injection vulnerabilities in my little forum before 2.3.4 allow remote administrators to execute arbitrary SQL commands via the (1) letter parameter in a user action or (2) edit_category…
|
CWE-89
SQL Injection
|
CVE-2015-1434
|
2024-11-21 11:25 |
2015-02-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273853
|
- |
|
topline_systems
|
opportunity_form
|
Topline Opportunity Form (aka XLS Opp form) before 2015-02-15 does not properly restrict access to database-connection strings, which allows attackers to read the cleartext version of sensitive crede…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-1608
|
2024-11-21 11:25 |
2015-02-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273854
|
- |
|
google
|
android
|
Multiple integer overflows in the GraphicBuffer::unflatten function in platform/frameworks/native/libs/ui/GraphicBuffer.cpp in Android through 5.0 allow attackers to gain privileges or cause a denial…
|
CWE-189
Numeric Errors
|
CVE-2015-1474
|
2024-11-21 11:25 |
2015-02-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273855
|
- |
|
google
|
email
|
The Google Email application 4.2.2.0200 for Android allows remote attackers to cause a denial of service (persistent application crash) via a "Content-Disposition: ;" header in an e-mail message.
|
CWE-19
Data Processing Errors
|
CVE-2015-1574
|
2024-11-21 11:25 |
2015-02-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273856
|
- |
|
openldap
opensuse
apple
|
openldap
opensuse
mac_os_x
|
Double free vulnerability in the get_vrFilter function in servers/slapd/filter.c in OpenLDAP 2.4.40 allows remote attackers to cause a denial of service (crash) via a crafted search query with a matc…
|
NVD-CWE-Other
|
CVE-2015-1546
|
2024-11-21 11:25 |
2015-02-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273857
|
- |
|
openldap
|
openldap
|
The deref_parseCtrl function in servers/slapd/overlays/deref.c in OpenLDAP 2.4.13 through 2.4.40 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via an empty…
|
NVD-CWE-Other
|
CVE-2015-1545
|
2024-11-21 11:25 |
2015-02-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273858
|
- |
|
pragyan_cms_project
|
pragyan_cms
|
SQL injection vulnerability in userprofile.lib.php in Pragyan CMS 3.0 allows remote attackers to execute arbitrary SQL commands via the user parameter to the default URI.
|
CWE-89
SQL Injection
|
CVE-2015-1471
|
2024-11-21 11:25 |
2015-02-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273859
|
- |
|
gnu
opensuse
|
grep
opensuse
|
The bmexec_trans function in kwset.c in grep 2.19 through 2.21 allows local users to cause a denial of service (out-of-bounds heap read and crash) via crafted input when using the -F option.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-1345
|
2024-11-21 11:25 |
2015-02-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273860
|
- |
|
web-dorado
|
spider_facebook
|
Multiple cross-site scripting (XSS) vulnerabilities in the Spider Facebook plugin before 1.0.11 for WordPress allow (1) remote attackers to inject arbitrary web script or HTML via the appid parameter…
|
CWE-79
Cross-site Scripting
|
CVE-2015-1582
|
2024-11-21 11:25 |
2015-02-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
