|
265411
|
6.5 |
MEDIUM
Network
|
collne
|
welcart_e-commerce
|
The Collne Welcart e-Commerce plugin before 1.8.3 for WordPress mishandles sessions, which allows remote attackers to obtain access by leveraging knowledge of the e-mail address associated with an ac…
|
CWE-19
Data Processing Errors
|
CVE-2016-4828
|
2024-11-21 11:53 |
2016-06-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265412
|
6.1 |
MEDIUM
Network
|
collne
|
welcart_e-commerce
|
Cross-site scripting (XSS) vulnerability in the Collne Welcart e-Commerce plugin before 1.8.3 for WordPress allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a d…
|
CWE-79
Cross-site Scripting
|
CVE-2016-4827
|
2024-11-21 11:53 |
2016-06-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265413
|
6.1 |
MEDIUM
Network
|
collne
|
welcart_e-commerce
|
Cross-site scripting (XSS) vulnerability in the Collne Welcart e-Commerce plugin before 1.8.3 for WordPress allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a d…
|
CWE-79
Cross-site Scripting
|
CVE-2016-4826
|
2024-11-21 11:53 |
2016-06-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265414
|
5.6 |
MEDIUM
Network
|
collne
|
welcart_e-commerce
|
The Collne Welcart e-Commerce plugin before 1.8.3 for WordPress allows remote attackers to conduct PHP object injection attacks and execute arbitrary PHP code via crafted serialized data.
|
CWE-20
Improper Input Validation
|
CVE-2016-4825
|
2024-11-21 11:53 |
2016-06-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265415
|
5.3 |
MEDIUM
Network
|
corega
|
cg-wlr300gnv_firmware
cg-wlr300gnv-w_firmware
|
The Wi-Fi Protected Setup (WPS) implementation on Corega CG-WLR300GNV and CG-WLR300GNV-W devices does not restrict the number of PIN authentication attempts, which makes it easier for remote attacker…
|
CWE-254
7PK - Security Features
|
CVE-2016-4824
|
2024-11-21 11:53 |
2016-06-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265416
|
7.5 |
HIGH
Network
|
corega
|
cg-wlbaragm_firmware
|
Corega CG-WLBARAGM devices allow remote attackers to cause a denial of service (reboot) via unspecified vectors.
|
NVD-CWE-noinfo
|
CVE-2016-4823
|
2024-11-21 11:53 |
2016-06-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265417
|
8.0 |
HIGH
Adjacent
|
corega
|
cg-wlbargl_firmware
|
Corega CG-WLBARGL devices allow remote authenticated users to execute arbitrary commands via unspecified vectors.
|
CWE-77
Command Injection
|
CVE-2016-4822
|
2024-11-21 11:53 |
2016-06-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265418
|
4.9 |
MEDIUM
Network
|
f5
|
big-iq_application_delivery_controller
big-iq_cloud_and_orchestration
big-ip_application_acceleration_manager
big-ip_access_policy_manager
big-ip_local_traffic_manager
big-ip_global_tr…
|
The iControl REST service in F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, Link Controller, and PEM 11.5.x before 11.5.4, 11.6.x before 11.6.1, and 12.x before 12.0.0 HF3; BIG-IP DNS 12.x before 12.0…
|
CWE-200
Information Exposure
|
CVE-2016-5021
|
2024-11-21 11:53 |
2016-06-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265419
|
7.8 |
HIGH
Local
|
haxx
|
curl
|
Multiple untrusted search path vulnerabilities in cURL and libcurl before 7.49.1, when built with SSPI or telnet is enabled, allow local users to execute arbitrary code and conduct DLL hijacking atta…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2016-4802
|
2024-11-21 11:53 |
2016-06-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265420
|
5.6 |
MEDIUM
Network
|
ntt-bp
|
japan_connected-free_wi-fi
|
The NTT Broadband Platform Japan Connected-free Wi-Fi application 1.15.1 and earlier for Android and 1.13.0 and earlier for iOS allows man-in-the-middle attackers to obtain API access via unspecified…
|
CWE-284
Improper Access Control
|
CVE-2016-4811
|
2024-11-21 11:53 |
2016-06-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
