|
276781
|
- |
|
fatfreecrm
|
fat_free_crm
|
Fat Free CRM before 0.13.6 allows remote attackers to conduct cross-site request forgery (CSRF) attacks via a request without the authenticity_token, as demonstrated by a crafted HTML page that creat…
|
CWE-352
Origin Validation Error
|
CVE-2015-1585
|
2024-11-21 11:25 |
2015-02-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276782
|
- |
|
softsphere
|
defensewall_personal_firewall
|
The dwall.sys driver in SoftSphere DefenseWall Personal Firewall 3.24 allows local users to write data to arbitrary memory locations, and consequently gain privileges, via a crafted 0x00222000, 0x002…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-1515
|
2024-11-21 11:25 |
2015-02-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276783
|
- |
|
isc
|
bind
|
named in ISC BIND 9.7.0 through 9.9.6 before 9.9.6-P2 and 9.10.x before 9.10.1-P2, when DNSSEC validation and the managed-keys feature are enabled, allows remote attackers to cause a denial of servic…
|
CWE-399
Resource Management Errors
|
CVE-2015-1349
|
2024-11-21 11:25 |
2015-02-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276784
|
- |
|
siemens
|
wincc
|
The remote-management module in the (1) Multi Panels, (2) Comfort Panels, and (3) RT Advanced functionality in Siemens SIMATIC WinCC (TIA Portal) before 13 SP1 and in the (4) panels and (5) runtime f…
|
CWE-310
Cryptographic Issues
|
CVE-2015-1358
|
2024-11-21 11:25 |
2015-02-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276785
|
- |
|
siemens
|
simatic_step_7
|
Siemens SIMATIC STEP 7 (TIA Portal) before 13 SP1 determines a user's privileges on the basis of project-file fields that lack integrity protection, which allows remote attackers to establish arbitra…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-1356
|
2024-11-21 11:25 |
2015-02-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276786
|
- |
|
siemens
|
simatic_step_7
|
Siemens SIMATIC STEP 7 (TIA Portal) before 13 SP1 uses a weak password-hash algorithm, which makes it easier for local users to determine cleartext passwords by reading a project file and conducting …
|
CWE-310
Cryptographic Issues
|
CVE-2015-1355
|
2024-11-21 11:25 |
2015-02-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276787
|
- |
|
webform_prepopulate_block_project
|
webform_prepopulate_block
|
Cross-site scripting (XSS) vulnerability in the Webform prepopulate block module before 7.x-3.1 for Drupal allows remote authenticated users to inject arbitrary web script or HTML via unspecified vec…
|
CWE-79
Cross-site Scripting
|
CVE-2015-1621
|
2024-11-21 11:25 |
2015-02-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276788
|
- |
|
mcafee
|
email_gateway
|
Cross-site scripting (XSS) vulnerability in the Secure Web Mail Client user interface in McAfee Email Gateway (MEG) 7.6.x before 7.6.3.2, 7.5.x before 75.6, 7.0.x through 7.0.5, 5.6, and earlier allo…
|
CWE-79
Cross-site Scripting
|
CVE-2015-1619
|
2024-11-21 11:25 |
2015-02-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276789
|
- |
|
mcafee
|
data_loss_prevention_endpoint
|
The ePO extension in McAfee Data Loss Prevention Endpoint (DLPe) before 9.3.400 allows remote authenticated users to obtain sensitive password information via a crafted URL.
|
CWE-200
Information Exposure
|
CVE-2015-1618
|
2024-11-21 11:25 |
2015-02-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276790
|
- |
|
mcafee
|
data_loss_prevention_endpoint
|
Cross-site scripting (XSS) vulnerability in the ePO extension in McAfee Data Loss Prevention Endpoint (DLPe) before 9.3.400 allows remote authenticated users to inject arbitrary web script or HTML vi…
|
CWE-79
Cross-site Scripting
|
CVE-2015-1617
|
2024-11-21 11:25 |
2015-02-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
