|
274701
|
- |
|
sympies
|
wordpress_survey_and_poll
|
SQL injection vulnerability in the ajax_survey function in settings.php in the WordPress Survey and Poll plugin 1.1.7 for Wordpress allows remote attackers to execute arbitrary SQL commands via the s…
|
CWE-89
SQL Injection
|
CVE-2015-2090
|
2024-11-21 11:26 |
2015-02-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274702
|
- |
|
crossslide_jquery_project
|
crossslide_jquery
|
Multiple cross-site request forgery (CSRF) vulnerabilities in the CrossSlide jQuery (crossslide-jquery-plugin-for-wordpress) plugin 2.0.5 for WordPress allow remote attackers to hijack the authentica…
|
CWE-352
Origin Validation Error
|
CVE-2015-2089
|
2024-11-21 11:26 |
2015-02-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274703
|
- |
|
term_queue_project
|
term_queue
|
Cross-site scripting (XSS) vulnerability in unspecified administration pages in the Term Queue module before 6.x-1.1 for Drupal allows remote attackers to inject arbitrary web script or HTML via unkn…
|
CWE-79
Cross-site Scripting
|
CVE-2015-2088
|
2024-11-21 11:26 |
2015-02-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274704
|
- |
|
avatar_uploader_project
|
avatar_uploader
|
Unrestricted file upload vulnerability in the Avatar Uploader module before 6.x-1.3 for Drupal allows remote authenticated users to execute arbitrary PHP code by uploading a file with a PHP extension…
|
NVD-CWE-Other
|
CVE-2015-2087
|
2024-11-21 11:26 |
2015-02-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274705
|
- |
|
panopoly_magic_project
|
panopoly_magic
|
Cross-site scripting (XSS) vulnerability in the live preview in the Panopoly Magic module before 7.x-1.17 for Drupal allows remote authenticated users to inject arbitrary web script or HTML via a pan…
|
CWE-79
Cross-site Scripting
|
CVE-2015-2086
|
2024-11-21 11:26 |
2015-02-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274706
|
- |
|
cybernetikz
|
easy_social_icons
|
Cross-site request forgery (CSRF) vulnerability in the Easy Social Icons plugin before 1.2.3 for WordPress allows remote attackers to hijack the authentication of administrators for requests that con…
|
CWE-352
Origin Validation Error
|
CVE-2015-2084
|
2024-11-21 11:26 |
2015-02-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274707
|
- |
|
ilch
|
cms
|
Cross-site request forgery (CSRF) vulnerability in Ilch CMS allows remote attackers to hijack the authentication of administrators for requests that add a value to a profile field via a profilefields…
|
CWE-352
Origin Validation Error
|
CVE-2015-2083
|
2024-11-21 11:26 |
2015-02-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274708
|
- |
|
unit4
|
prosoft_hrms
|
Cross-site scripting (XSS) vulnerability in Login.aspx in UNIT4 Prosoft HRMS before 8.14.330.43 allows remote attackers to inject arbitrary web script or HTML via the txtUserID parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2015-2082
|
2024-11-21 11:26 |
2015-02-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274709
|
- |
|
visualware
|
myconnection_server
|
Multiple cross-site scripting (XSS) vulnerabilities in Visualware MyConnection Server 8.2b allow remote attackers to inject arbitrary web script or HTML via the (1) bt, (2) variable, or (3) et parame…
|
CWE-79
Cross-site Scripting
|
CVE-2015-2043
|
2024-11-21 11:26 |
2015-02-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274710
|
- |
|
komodia
|
redirector_sdk
|
The SDK for Komodia Redirector with SSL Digestor, as used in Lavasoft Ad-Aware Web Companion 1.1.885.1766 and Ad-Aware AdBlocker (alpha) 1.3.69.1, Qustodio for Windows, Atom Security, Inc. StaffCop 5…
|
CWE-310
Cryptographic Issues
|
CVE-2015-2078
|
2024-11-21 11:26 |
2015-02-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
