|
271331
|
- |
|
s9y
|
serendipity
|
Cross-site scripting (XSS) vulnerability in js/2k11.min.js in the 2k11 theme in Serendipity before 2.0.2 allows remote attackers to inject arbitrary web script or HTML via a user name in a comment, w…
|
CWE-79
Cross-site Scripting
|
CVE-2015-6969
|
2024-11-21 11:35 |
2015-09-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271332
|
- |
|
s9y
|
serendipity
|
Multiple incomplete blacklist vulnerabilities in the serendipity_isActiveFile function in include/functions_images.inc.php in Serendipity before 2.0.2 allow remote authenticated users to execute arbi…
|
NVD-CWE-Other
|
CVE-2015-6968
|
2024-11-21 11:35 |
2015-09-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271333
|
- |
|
nibbleblog
|
nibbleblog
|
Unrestricted file upload vulnerability in the My Image plugin in Nibbleblog before 4.0.5 allows remote administrators to execute arbitrary code by uploading a file with an executable extension, then …
|
NVD-CWE-Other
|
CVE-2015-6967
|
2024-11-21 11:35 |
2015-09-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271334
|
- |
|
nibbleblog
|
nibbleblog
|
Multiple cross-site request forgery (CSRF) vulnerabilities in Nibbleblog before 4.0.5 allow remote attackers to hijack the authentication of administrators for requests that (1) create a post via a n…
|
CWE-352
Origin Validation Error
|
CVE-2015-6966
|
2024-11-21 11:35 |
2015-09-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271335
|
- |
|
creative-solutions
|
contact_form_generator
|
Multiple cross-site request forgery (CSRF) vulnerabilities in the Contact Form Generator plugin 2.0.1 and earlier for WordPress allow remote attackers to hijack the authentication of administrators f…
|
CWE-352
Origin Validation Error
|
CVE-2015-6965
|
2024-11-21 11:35 |
2015-09-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271336
|
- |
|
ciphercoin
|
wp_limit_login_attempts
|
Multiple SQL injection vulnerabilities in the getip function in wp-limit-login-attempts.php in the WP Limit Login Attempts plugin before 2.0.1 for WordPress allow remote attackers to execute arbitrar…
|
CWE-89
SQL Injection
|
CVE-2015-6829
|
2024-11-21 11:35 |
2015-09-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271337
|
- |
|
securemoz
|
security_audit
|
The tweet_info function in class/__functions.php in the SecureMoz Security Audit plugin 1.0.5 and earlier for WordPress does not use an HTTPS session for downloading serialized data, which allows man…
|
CWE-20
Improper Input Validation
|
CVE-2015-6828
|
2024-11-21 11:35 |
2015-09-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271338
|
- |
|
asus
|
tm-1900
|
Stack-based buffer overflow in the ASUS TM-AC1900 router allows remote attackers to execute arbitrary code via crafted HTTP header values.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-6949
|
2024-11-21 11:35 |
2015-09-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271339
|
- |
|
corel
|
wordperfect
|
Heap-based buffer overflow in the Microsoft Word document conversion feature in Corel WordPerfect allows remote attackers to execute arbitrary code via a crafted document.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-6948
|
2024-11-21 11:35 |
2015-09-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271340
|
- |
|
microfocus
|
accurev
|
Multiple stack-based buffer overflows in the Reprise License Manager service in Borland AccuRev allow remote attackers to execute arbitrary code via the (1) akey or (2) actserver parameter to the act…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-6946
|
2024-11-21 11:35 |
2015-09-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
