|
272011
|
- |
|
jsp\/mysql_administrador_web_project
|
jsp\/mysql_administrador_web
|
Cross-site scripting (XSS) vulnerability in JSP/MySQL Administrador Web 1 allows remote attackers to inject arbitrary web script or HTML via the bd parameter to sys/sys/listaBD2.jsp.
|
CWE-79
Cross-site Scripting
|
CVE-2015-6945
|
2024-11-21 11:35 |
2015-09-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272012
|
- |
|
jsp\/mysql_administrador_web_project
|
jsp\/mysql_administrador_web
|
Cross-site request forgery (CSRF) vulnerability in JSP/MySQL Administrador Web 1 allows remote attackers to hijack the authentication of users for requests that execute arbitrary SQL commands via the…
|
CWE-352
Origin Validation Error
|
CVE-2015-6944
|
2024-11-21 11:35 |
2015-09-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272013
|
- |
|
s9y
|
serendipity
|
SQL injection vulnerability in the serendipity_checkCommentToken function in include/functions_comments.inc.php in Serendipity before 2.0.2, when "Use Tokens for Comment Moderation" is enabled, allow…
|
CWE-89
SQL Injection
|
CVE-2015-6943
|
2024-11-21 11:35 |
2015-09-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272014
|
- |
|
phpmyadmin
|
phpmyadmin
|
libraries/plugins/auth/AuthenticationCookie.class.php in phpMyAdmin 4.3.x before 4.3.13.2 and 4.4.x before 4.4.14.1 allows remote attackers to bypass a multiple-reCaptcha protection mechanism against…
|
CWE-200
Information Exposure
|
CVE-2015-6830
|
2024-11-21 11:35 |
2015-09-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272015
|
- |
|
zendesk
|
zendesk_feedback_tab
|
Cross-site scripting (XSS) vulnerability in the Zendesk Feedback Tab module 7.x-1.x before 7.x-1.1 for Drupal allows remote administrators with the "Configure Zendesk Feedback Tab" permission to inje…
|
CWE-79
Cross-site Scripting
|
CVE-2015-6921
|
2024-11-21 11:35 |
2015-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272016
|
- |
|
sourceafrica_project
|
sourceafrica
|
Cross-site scripting (XSS) vulnerability in js/window.php in the sourceAFRICA plugin 0.1.3 for WordPress allows remote attackers to inject arbitrary web script or HTML via the wpbase parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2015-6920
|
2024-11-21 11:35 |
2015-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272017
|
- |
|
googlesearch_project
|
googlesearch
|
Cross-site scripting (XSS) vulnerability in the googleSearch (CSE) (com_googlesearch_cse) component 3.0.2 for Joomla! allows remote attackers to inject arbitrary web script or HTML via the q paramete…
|
CWE-79
Cross-site Scripting
|
CVE-2015-6919
|
2024-11-21 11:35 |
2015-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272018
|
- |
|
montala
|
resourcespace
|
SQL injection vulnerability in Montala Limited ResourceSpace 7.3.7009 and earlier allows remote attackers to execute arbitrary SQL commands via the "user" cookie to plugins/feedback/pages/feedback.ph…
|
CWE-89
SQL Injection
|
CVE-2015-6915
|
2024-11-21 11:35 |
2015-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272019
|
- |
|
mindbite
|
sitefactory_cms
|
Absolute path traversal vulnerability in SiteFactory CMS 5.5.9 allows remote attackers to read arbitrary files via a full pathname in the file parameter to assets/download.aspx.
|
CWE-22
Path Traversal
|
CVE-2015-6914
|
2024-11-21 11:35 |
2015-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272020
|
- |
|
synology
|
download_station
|
Cross-site scripting (XSS) vulnerability in the "Create download task via URL" feature in Synology Download Station before 3.5-2967 allows remote attackers to inject arbitrary web script or HTML via …
|
CWE-79
Cross-site Scripting
|
CVE-2015-6913
|
2024-11-21 11:35 |
2015-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
