|
273381
|
- |
|
joomla
|
joomla\!
|
Cross-site request forgery (CSRF) vulnerability in Joomla! 3.2.0 through 3.3.x and 3.4.x before 3.4.2 allows remote attackers to hijack the authentication of unspecified victims for requests that upl…
|
CWE-352
Origin Validation Error
|
CVE-2015-5397
|
2024-11-21 11:32 |
2015-07-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273382
|
- |
|
redcarpet_project
|
redcarpet
|
Stack-based buffer overflow in the header_anchor function in the HTML renderer in Redcarpet before 3.3.2 allows attackers to cause a denial of service (crash) and possibly execute arbitrary code via …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-5147
|
2024-11-21 11:32 |
2015-07-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273383
|
- |
|
adobe
|
flash_player
air
air_sdk
air_sdk_\&_compiler
|
Heap-based buffer overflow in Adobe Flash Player before 13.0.0.302 and 14.x through 18.x before 18.0.0.203 on Windows and OS X and before 11.2.202.481 on Linux, Adobe AIR before 18.0.0.180, Adobe AIR…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-5118
|
2024-11-21 11:32 |
2015-07-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273384
|
- |
|
adobe
|
flash_player
air
air_sdk
air_sdk_\&_compiler
|
Use-after-free vulnerability in Adobe Flash Player before 13.0.0.302 and 14.x through 18.x before 18.0.0.203 on Windows and OS X and before 11.2.202.481 on Linux, Adobe AIR before 18.0.0.180, Adobe A…
|
NVD-CWE-Other
|
CVE-2015-5117
|
2024-11-21 11:32 |
2015-07-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273385
|
- |
|
adobe
|
flash_player
air
air_sdk
air_sdk_\&_compiler
|
Adobe Flash Player before 13.0.0.302 and 14.x through 18.x before 18.0.0.203 on Windows and OS X and before 11.2.202.481 on Linux, Adobe AIR before 18.0.0.180, Adobe AIR SDK before 18.0.0.180, and Ad…
|
CWE-284
Improper Access Control
|
CVE-2015-5116
|
2024-11-21 11:32 |
2015-07-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273386
|
- |
|
google
iojs
nodejs
|
v8
io.js
node.js
|
The Utf8DecoderBase::WriteUtf16Slow function in unicode-decoder.cc in Google V8, as used in Node.js before 0.12.6, io.js before 1.8.3 and 2.x before 2.3.3, and other products, does not verify that th…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-5380
|
2024-11-21 11:32 |
2015-07-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273387
|
- |
|
solarwinds
|
storage_manager
|
The AuthenticationFilter class in SolarWinds Storage Manager allows remote attackers to upload and execute arbitrary scripts via unspecified vectors.
|
NVD-CWE-noinfo
|
CVE-2015-5371
|
2024-11-21 11:32 |
2015-07-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273388
|
- |
|
zurmo
|
zurmo_crm
|
Cross-site scripting (XSS) vulnerability in Zurmo CRM 3.0.2 allows remote authenticated users to inject arbitrary web script or HTML via the "What's going on?" profile field.
|
CWE-79
Cross-site Scripting
|
CVE-2015-5365
|
2024-11-21 11:32 |
2015-07-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273389
|
- |
|
get-simple
|
getsimple_cms
|
Cross-site scripting (XSS) vulnerability in admin/filebrowser.php in GetSimple CMS before 3.3.6 allows remote attackers to inject arbitrary web script or HTML via the func parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2015-5356
|
2024-11-21 11:32 |
2015-07-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273390
|
- |
|
get-simple
|
getsimple_cms
|
Multiple cross-site scripting (XSS) vulnerabilities in GetSimple CMS before 3.3.6 allow remote attackers to inject arbitrary web script or HTML via the (1) post-content or (2) post-title parameter to…
|
CWE-79
Cross-site Scripting
|
CVE-2015-5355
|
2024-11-21 11:32 |
2015-07-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
