|
273911
|
- |
|
roundcube
fedoraproject
|
webmail
fedora
|
program/lib/Roundcube/rcube_washtml.php in Roundcube before 1.0.5 does not properly quote strings, which allows remote attackers to conduct cross-site scripting (XSS) attacks via the style attribute …
|
CWE-79
Cross-site Scripting
|
CVE-2015-1433
|
2024-11-21 11:25 |
2015-02-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273912
|
- |
|
sefrengo
|
sefrengo
|
Multiple SQL injection vulnerabilities in Sefrengo before 1.6.2 allow (1) remote attackers to execute arbitrary SQL commands via the sefrengo cookie in a login to backend/main.php or (2) remote authe…
|
CWE-89
SQL Injection
|
CVE-2015-1428
|
2024-11-21 11:25 |
2015-02-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273913
|
- |
|
content_rating_extbase_project
|
content_rating_extbase
|
SQL injection vulnerability in the Content Rating Extbase extension 2.0.3 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
|
CWE-89
SQL Injection
|
CVE-2015-1405
|
2024-11-21 11:25 |
2015-02-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273914
|
- |
|
content_rating_extbase_project
|
content_rating_extbase
|
Cross-site scripting (XSS) vulnerability in the Content Rating Extbase extension 2.0.3 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2015-1404
|
2024-11-21 11:25 |
2015-02-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273915
|
- |
|
content_rating_project
|
content_rating
|
SQL injection vulnerability in the Content Rating extension 1.0.3 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
|
CWE-89
SQL Injection
|
CVE-2015-1403
|
2024-11-21 11:25 |
2015-02-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273916
|
- |
|
content_rating_project
|
content_rating
|
Cross-site scripting (XSS) vulnerability in the Content Rating extension 1.0.3 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2015-1402
|
2024-11-21 11:25 |
2015-02-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273917
|
- |
|
npds
|
revolution
|
SQL injection vulnerability in search.php in NPDS Revolution 13 allows remote attackers to execute arbitrary SQL commands via the query parameter.
|
CWE-89
SQL Injection
|
CVE-2015-1400
|
2024-11-21 11:25 |
2015-02-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273918
|
- |
|
banner_effect_header_project
|
banner_effect_header
|
Cross-site scripting (XSS) vulnerability in the Banner Effect Header plugin before 1.2.8 for WordPress allows remote attackers to inject arbitrary web script or HTML via the banner_effect_divid param…
|
CWE-79
Cross-site Scripting
|
CVE-2015-1384
|
2024-11-21 11:25 |
2015-02-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273919
|
- |
|
debian
privoxy
opensuse
|
debian_linux
privoxy
opensuse
|
parsers.c in Privoxy before 3.0.23 allows remote attackers to cause a denial of service (invalid read and crash) via vectors related to an HTTP time header.
|
CWE-20
Improper Input Validation
|
CVE-2015-1382
|
2024-11-21 11:25 |
2015-02-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273920
|
- |
|
opensuse
debian
privoxy
|
opensuse
debian_linux
privoxy
|
Multiple unspecified vulnerabilities in pcrs.c in Privoxy before 3.0.23 allow remote attackers to cause a denial of service (segmentation fault or memory consumption) via unspecified vectors.
|
CWE-399
Resource Management Errors
|
CVE-2015-1381
|
2024-11-21 11:25 |
2015-02-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
