|
271401
|
- |
|
path_breadcrumbs_project
|
path_breadcrumbs
|
Cross-site scripting (XSS) vulnerability in the administration interface in the Path Breadcrumbs module 7.x-3.x before 7.x-3.3 for Drupal allows remote authenticated users with the "Administer Path B…
|
CWE-79
Cross-site Scripting
|
CVE-2015-6754
|
2024-11-21 11:35 |
2015-09-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271402
|
- |
|
quick_edit_project
|
quick_edit
|
Multiple cross-site scripting (XSS) vulnerabilities in the Quick Edit module 7.x-1.x before 7.x-1.2 for Drupal allow remote authenticated users with certain permissions to inject arbitrary web script…
|
CWE-79
Cross-site Scripting
|
CVE-2015-6753
|
2024-11-21 11:35 |
2015-09-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271403
|
- |
|
pligg
|
pligg_cms
|
Cross-site request forgery (CSRF) vulnerability in Pligg CMS 2.0.2 allows remote attackers to hijack the authentication of administrators for requests that add an administrator via a request to admin…
|
CWE-352
Origin Validation Error
|
CVE-2015-6655
|
2024-11-21 11:35 |
2015-09-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271404
|
- |
|
search_api_autocomplete_project
|
search_api_autocomplete
|
Cross-site scripting (XSS) vulnerability in the Search API Autocomplete module 7.x-1.x before 7.x-1.3 for Drupal, when the search index is configured to use the HTML filter processor, allows remote a…
|
CWE-79
Cross-site Scripting
|
CVE-2015-6752
|
2024-11-21 11:35 |
2015-09-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271405
|
- |
|
time_tracker_project
|
time_tracker
|
Multiple cross-site scripting (XSS) vulnerabilities in the Time Tracker module 7.x-1.x before 7.x-1.4 for Drupal allow remote authenticated users with certain permissions to inject arbitrary web scri…
|
CWE-79
Cross-site Scripting
|
CVE-2015-6751
|
2024-11-21 11:35 |
2015-09-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271406
|
- |
|
youtube_embed_project
|
youtube_embed
|
Cross-site scripting (XSS) vulnerability in includes/options-profiles.php in the YouTube Embed plugin before 3.3.3 for WordPress allows remote administrators to inject arbitrary web script or HTML vi…
|
CWE-79
Cross-site Scripting
|
CVE-2015-6535
|
2024-11-21 11:35 |
2015-09-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271407
|
- |
|
ricoh
|
dl-1_sr10
|
Buffer overflow in Ricoh DL FTP Server 1.1.0.6 and earlier allows remote attackers to execute arbitrary code via a long USER command.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-6750
|
2024-11-21 11:35 |
2015-09-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271408
|
- |
|
basware
|
banking
|
Basware Banking (Maksuliikenne) 8.90.07.X does not properly prevent access to private keys, which allows remote attackers to spoof communications with banks via unspecified vectors. NOTE: this ident…
|
CWE-200
Information Exposure
|
CVE-2015-6747
|
2024-11-21 11:35 |
2015-08-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271409
|
- |
|
basware
|
banking
|
Basware Banking (Maksuliikenne) before 8.90.07.X stores private keys in plaintext in the SQL database, which allows remote attackers to spoof communications with banks via unspecified vectors. NOTE:…
|
CWE-200
Information Exposure
|
CVE-2015-6746
|
2024-11-21 11:35 |
2015-08-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271410
|
- |
|
basware
|
banking
|
Basware Banking (Maksuliikenne) 8.90.07.X relies on the client to enforce account locking, which allows local users to bypass that security mechanism by deleting the entry from the locking table. NO…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-6745
|
2024-11-21 11:35 |
2015-08-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
