|
275271
|
- |
|
cisco
|
webex_meeting_center
|
The web-based administrative interface in Cisco WebEx Meeting Center provides different error messages for failed login attempts depending on whether the username exists or corresponds to a privilege…
|
CWE-200
Information Exposure
|
CVE-2015-4194
|
2024-11-21 11:30 |
2015-06-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
275272
|
- |
|
cisco
|
ios_xr
|
Cisco IOS XR 5.2.1 allows remote attackers to cause a denial of service (ipv6_io service reload) via a malformed IPv6 packet, aka Bug ID CSCuq95565.
|
CWE-399
Resource Management Errors
|
CVE-2015-4191
|
2024-11-21 11:30 |
2015-06-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
275273
|
- |
|
wp_smiley_project
|
wp_smiley
|
Cross-site request forgery (CSRF) vulnerability in the WP Smiley plugin 1.4.1 for WordPress allows remote attackers to hijack the authentication of editors for requests that conduct cross-site script…
|
CWE-352
Origin Validation Error
|
CVE-2015-4140
|
2024-11-21 11:30 |
2015-06-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
275274
|
- |
|
wp_smiley_project
|
wp_smiley
|
Cross-site scripting (XSS) vulnerability in smilies4wp.php in the WP Smiley plugin 1.4.1 for WordPress allows remote authenticated users to inject arbitrary web script or HTML via the s4w-more parame…
|
CWE-79
Cross-site Scripting
|
CVE-2015-4139
|
2024-11-21 11:30 |
2015-06-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
275275
|
- |
|
bonitasoft
|
bonita_bpm_portal
|
Directory traversal vulnerability in Bonita BPM Portal before 6.5.3 allows remote attackers to read arbitrary files via a .. (dot dot) in the theme parameter and a file path in the location parameter…
|
CWE-22
Path Traversal
|
CVE-2015-3897
|
2024-11-21 11:30 |
2015-06-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
275276
|
- |
|
cacti
fedoraproject
|
cacti
fedora
|
SQL injection vulnerability in Cacti before 0.8.8d allows remote attackers to execute arbitrary SQL commands via unspecified vectors involving a cdef id.
|
CWE-89
SQL Injection
|
CVE-2015-4342
|
2024-11-21 11:30 |
2015-06-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
275277
|
- |
|
xcloner
|
xcloner
|
Static code injection vulnerability in the XCloner plugin 3.1.2 for WordPress allows remote authenticated users to inject arbitrary PHP code into the language files via a Translation LM_FRONT_* field…
|
CWE-94
Code Injection
|
CVE-2015-4338
|
2024-11-21 11:30 |
2015-06-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
275278
|
- |
|
xcloner
|
xcloner
|
Cross-site scripting (XSS) vulnerability in the XCloner plugin 3.1.2 for WordPress allows remote authenticated users to inject arbitrary web script or HTML via the excl_manual parameter in the xclone…
|
CWE-79
Cross-site Scripting
|
CVE-2015-4337
|
2024-11-21 11:30 |
2015-06-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
275279
|
- |
|
xcloner
|
xcloner
|
cloner.functions.php in the XCloner plugin 3.1.2 for WordPress allows remote authenticated users to execute arbitrary commands via a file containing filenames with shell metacharacters, as demonstrat…
|
CWE-77
Command Injection
|
CVE-2015-4336
|
2024-11-21 11:30 |
2015-06-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
275280
|
- |
|
cisco
|
prime_service_catalog
|
Cisco Cloud Portal in Cisco Prime Service Catalog 9.4.1_vortex on Cloud Portal appliances allows man-in-the-middle attackers to modify data via unspecified vectors, aka Bug ID CSCuh19683.
|
NVD-CWE-Other
|
CVE-2015-4190
|
2024-11-21 11:30 |
2015-06-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
