|
273541
|
- |
|
hp
|
universal_configuration_management_database
|
HP UCMDB 10.00 and 10.01 before 10.01CUP12, 10.10 and 10.11 before 10.11CUP6, and 10.2x before 10.21 allows local users to obtain sensitive information via unspecified vectors.
|
CWE-200
Information Exposure
|
CVE-2015-5440
|
2024-11-21 11:33 |
2015-09-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273542
|
- |
|
ibs_mappro_project
|
ibs_mappro
|
Absolute path traversal vulnerability in lib/download.php in the IBS Mappro plugin before 1.0 for WordPress allows remote attackers to read arbitrary files via a full pathname in the file parameter.
|
CWE-22
Path Traversal
|
CVE-2015-5472
|
2024-11-21 11:33 |
2015-09-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273543
|
- |
|
ntt-bp
|
japan_connected-free_wi-fi
|
Cross-site scripting (XSS) vulnerability in the NTT Broadband Platform Japan Connected-free Wi-Fi application 1.6.0 and earlier for Android and 1.0.2 and earlier for iOS allows remote attackers to in…
|
CWE-79
Cross-site Scripting
|
CVE-2015-5630
|
2024-11-21 11:33 |
2015-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273544
|
- |
|
ntt-bp
|
japan_connected-free_wi-fi
|
The NTT Broadband Platform Japan Connected-free Wi-Fi application 1.6.0 and earlier for Android and 1.0.2 and earlier for iOS allows attackers to bypass a URL whitelist protection mechanism and obtai…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-5629
|
2024-11-21 11:33 |
2015-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273545
|
- |
|
canon
|
pixma_mg7500_series_inkjet_printer
|
Cross-site request forgery (CSRF) vulnerability in the Remote UI on Canon PIXMA MG7500 printers allows remote attackers to hijack the authentication of administrators.
|
CWE-352
Origin Validation Error
|
CVE-2015-5631
|
2024-11-21 11:33 |
2015-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273546
|
- |
|
opendocman
|
opendocman
|
Cross-site scripting (XSS) vulnerability in OpenDocMan before 1.3.4 allows remote attackers to inject arbitrary web script or HTML via the redirection parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2015-5625
|
2024-11-21 11:33 |
2015-09-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273547
|
- |
|
freebit
|
elphonebtnv6_activex_control
|
Buffer overflow in the ExecCall method in c2lv6.ocx in the FreeBit ELPhoneBtnV6 ActiveX control allows remote attackers to execute arbitrary code via a crafted HTML document, related to the discontin…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-5624
|
2024-11-21 11:33 |
2015-09-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273548
|
- |
|
isc
apple
|
bind
mac_os_x_server
|
buffer.c in named in ISC BIND 9.x before 9.9.7-P3 and 9.10.x before 9.10.2-P4 allows remote attackers to cause a denial of service (assertion failure and daemon exit) by creating a zone containing a …
|
CWE-20
Improper Input Validation
|
CVE-2015-5722
|
2024-11-21 11:33 |
2015-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273549
|
- |
|
geddyjs
|
geddy
|
Directory traversal vulnerability in lib/app/index.js in Geddy before 13.0.8 for Node.js allows remote attackers to read arbitrary files via a ..%2f (dot dot encoded slash) in the PATH_INFO to the de…
|
CWE-22
Path Traversal
|
CVE-2015-5688
|
2024-11-21 11:33 |
2015-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273550
|
- |
|
octobercms
|
october
|
Cross-site scripting (XSS) vulnerability in October CMS build 271 and earlier allows remote attackers to inject arbitrary web script or HTML via the caption tag of a profile image.
|
CWE-79
Cross-site Scripting
|
CVE-2015-5612
|
2024-11-21 11:33 |
2015-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
