|
274321
|
- |
|
goautodial
|
goadmin_ce
|
The cpanel function in go_site.php in GoAutoDial GoAdmin CE before 3.3-1420434000 allows remote attackers to execute arbitrary commands via the $action portion of the PATH_INFO.
|
CWE-78
OS Command
|
CVE-2015-2844
|
2024-11-21 11:28 |
2015-05-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274322
|
- |
|
goautodial
|
goadmin_ce
|
Multiple SQL injection vulnerabilities in GoAutoDial GoAdmin CE before 3.3-1421902800 allow remote attackers to execute arbitrary SQL commands via the (1) user_name or (2) user_pass parameter in go_l…
|
CWE-89
SQL Injection
|
CVE-2015-2843
|
2024-11-21 11:28 |
2015-05-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274323
|
- |
|
goautodial
|
goadmin_ce
|
Unrestricted file upload vulnerability in go_audiostore.php in the audiostore (Voice Files) upload functionality in GoAutoDial GoAdmin CE 3.x before 3.3-1421902800 allows remote attackers to execute …
|
NVD-CWE-Other
|
CVE-2015-2842
|
2024-11-21 11:28 |
2015-05-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274324
|
- |
|
citrix
|
netscaler_gateway_firmware
netscaler_application_delivery_controller_firmware
|
Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway before 10.5 Build 53.9 through 55.8 and 10.5.e Build 53-9010.e allow remote attackers to cause a denial of service (reboot…
|
NVD-CWE-noinfo
|
CVE-2015-2829
|
2024-11-21 11:28 |
2015-05-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274325
|
- |
|
owncloud
|
owncloud
|
ownCloud Server before 5.0.19, 6.x before 6.0.7, and 7.x before 7.0.5 allows remote authenticated users to bypass the file blacklist and upload arbitrary files via a file path with UTF-8 encoding, as…
|
CWE-74
Injection
|
CVE-2015-3013
|
2024-11-21 11:28 |
2015-05-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274326
|
- |
|
debian
kogmbh
|
debian_linux
webodf
|
Multiple cross-site scripting (XSS) vulnerabilities in WebODF before 0.5.5, as used in ownCloud, allow remote attackers to inject arbitrary web script or HTML via a (1) style or (2) font name or (3) …
|
CWE-79
Cross-site Scripting
|
CVE-2015-3012
|
2024-11-21 11:28 |
2015-05-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274327
|
- |
|
owncloud
debian
|
owncloud
debian_linux
|
Multiple cross-site scripting (XSS) vulnerabilities in the contacts application in ownCloud Server Community Edition before 5.0.19, 6.x before 6.0.7, and 7.x before 7.0.5 allow remote authenticated u…
|
CWE-79
Cross-site Scripting
|
CVE-2015-3011
|
2024-11-21 11:28 |
2015-05-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274328
|
- |
|
oracle
haxx
canonical
apple
debian
|
enterprise_manager_ops_center
libcurl
curl
ubuntu_linux
mac_os_x
debian_linux
|
The default configuration for cURL and libcurl before 7.42.1 sends custom HTTP headers to both the proxy and destination server, which might allow remote proxy servers to obtain sensitive information…
|
CWE-200
Information Exposure
|
CVE-2015-3153
|
2024-11-21 11:28 |
2015-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274329
|
- |
|
xiph
debian
opensuse
|
icecast
debian_linux
opensuse
|
Icecast before 2.4.2, when a stream_auth handler is defined for URL authentication, allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a request without log…
|
NVD-CWE-Other
|
CVE-2015-3026
|
2024-11-21 11:28 |
2015-04-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274330
|
- |
|
fedoraproject
canonical
debian
apple
haxx
hp
opensuse
|
fedora
ubuntu_linux
debian_linux
mac_os_x
libcurl
system_management_homepage
curl
opensuse
|
cURL and libcurl 7.10.6 through 7.41.0 do not properly re-use authenticated Negotiate connections, which allows remote attackers to connect as other users via a request.
|
CWE-284
Improper Access Control
|
CVE-2015-3148
|
2024-11-21 11:28 |
2015-04-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
