|
271991
|
- |
|
vmware
|
vcenter_server
|
VMware vCenter Server 5.5 before u3 and 6.0 before u1 does not verify X.509 certificates from TLS LDAP servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive informat…
|
CWE-310
Cryptographic Issues
|
CVE-2015-6932
|
2024-11-21 11:35 |
2015-09-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271992
|
- |
|
3s-smart
|
codesys_gateway_server
|
Multiple heap-based buffer overflows in 3S-Smart CODESYS Gateway Server before 2.3.9.34 allow remote attackers to execute arbitrary code via opcode (1) 0x3ef or (2) 0x3f0.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-6460
|
2024-11-21 11:35 |
2015-09-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271993
|
- |
|
ge
|
mds_pulsenet
|
Absolute path traversal vulnerability in the download feature in FileDownloadServlet in GE Digital Energy MDS PulseNET and MDS PulseNET Enterprise before 3.1.5 allows remote attackers to read or dele…
|
CWE-22
Path Traversal
|
CVE-2015-6459
|
2024-11-21 11:35 |
2015-09-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271994
|
- |
|
ge
|
mds_pulsenet
|
GE Digital Energy MDS PulseNET and MDS PulseNET Enterprise before 3.1.5 have hardcoded credentials for a support account, which allows remote attackers to obtain administrative access, and consequent…
|
NVD-CWE-Other
|
CVE-2015-6456
|
2024-11-21 11:35 |
2015-09-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271995
|
- |
|
joomla
|
joomla\!
|
Cross-site scripting (XSS) vulnerability in the login module in Joomla! 3.4.x before 3.4.4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2015-6939
|
2024-11-21 11:35 |
2015-09-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271996
|
- |
|
citrix
|
netscaler_gateway_firmware
netscaler_application_delivery_controller_firmware
|
Cross-site scripting (XSS) vulnerability in the Administrative Web Interface in Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway before 10.1 Build 132.8, 10.5 before Build…
|
CWE-79
Cross-site Scripting
|
CVE-2015-6672
|
2024-11-21 11:35 |
2015-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271997
|
- |
|
teiko
|
farol
|
SQL injection vulnerability in the web application in Farol allows remote attackers to execute arbitrary SQL commands via the email parameter to tkmonitor/estrutura/login/Login.actions.php.
|
CWE-89
SQL Injection
|
CVE-2015-6962
|
2024-11-21 11:35 |
2015-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271998
|
- |
|
igniterealtime
|
openfire
|
Multiple cross-site request forgery (CSRF) vulnerabilities in Ignite Realtime Openfire 3.10.2 allow remote attackers to hijack the authentication of administrators for requests that (1) change a pass…
|
CWE-352
Origin Validation Error
|
CVE-2015-6973
|
2024-11-21 11:35 |
2015-09-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271999
|
- |
|
igniterealtime
|
openfire
|
Multiple cross-site scripting (XSS) vulnerabilities in Ignite Realtime Openfire 3.10.2 allow remote attackers to inject arbitrary web script or HTML via the (1) groupchatName parameter to plugins/cli…
|
CWE-79
Cross-site Scripting
|
CVE-2015-6972
|
2024-11-21 11:35 |
2015-09-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272000
|
- |
|
nokia
|
\@vantage_commander
|
Multiple cross-site scripting (XSS) vulnerabilities in Nokia Networks (formerly Nokia Solutions and Networks and Nokia Siemens Networks) @vantage Commander allow remote attackers to inject arbitrary …
|
CWE-79
Cross-site Scripting
|
CVE-2015-6929
|
2024-11-21 11:35 |
2015-09-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
