|
274311
|
- |
|
zohocorp
|
manageengine_supportcenter_plus
|
Multiple cross-site scripting (XSS) vulnerabilities in Zoho ManageEngine SupportCenter Plus 7.90 allow remote authenticated users to inject arbitrary web script or HTML via the (1) query parameter in…
|
CWE-79
Cross-site Scripting
|
CVE-2015-5150
|
2024-11-21 11:32 |
2015-06-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274312
|
- |
|
zohocorp
|
manageengine_supportcenter_plus
|
Directory traversal vulnerability in Zoho ManageEngine SupportCenter Plus 7.90 allows remote authenticated users to write to arbitrary files via a .. (dot dot) in the component parameter in the Reque…
|
CWE-22
Path Traversal
|
CVE-2015-5149
|
2024-11-21 11:32 |
2015-06-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274313
|
- |
|
livelycart
|
livelycart
|
SQL injection vulnerability in LivelyCart 1.2.0 allows remote attackers to execute arbitrary SQL commands via the search_query parameter to product/search.
|
CWE-89
SQL Injection
|
CVE-2015-5148
|
2024-11-21 11:32 |
2015-06-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274314
|
- |
|
limesurvey
|
limesurvey
|
SQL injection vulnerability in the insert function in application/controllers/admin/dataentry.php in LimeSurvey 2.06+ allows remote authenticated users to execute arbitrary SQL commands via the close…
|
CWE-89
SQL Injection
|
CVE-2015-5078
|
2024-11-21 11:32 |
2015-06-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274315
|
- |
|
sap
|
mobile_platform
|
XML external entity (XXE) vulnerability in SAP Mobile Platform 3 allows remote attackers to read arbitrary files or possibly have other unspecified impact via a crafted XML request, aka SAP Security …
|
NVD-CWE-Other
|
CVE-2015-5068
|
2024-11-21 11:32 |
2015-06-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274316
|
- |
|
sap
|
netweaver
|
The (1) Cross-System Tools and (2) Data Transfer Workbench in SAP NetWeaver have hardcoded credentials, which allows remote attackers to obtain access via unspecified vectors, aka SAP Security Notes …
|
CWE-255
Credentials Management
|
CVE-2015-5067
|
2024-11-21 11:32 |
2015-06-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274317
|
- |
|
metalgenix
|
genixcms
|
Multiple cross-site scripting (XSS) vulnerabilities in the MetalGenix GeniXCMS 0.0.3 allow remote attackers to inject arbitrary web script or HTML via the (1) content or (2) title field in an add act…
|
CWE-79
Cross-site Scripting
|
CVE-2015-5066
|
2024-11-21 11:32 |
2015-06-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274318
|
- |
|
intelligent-it
|
paypal_currency_converter_basic_for_woocommerce
|
Absolute path traversal vulnerability in proxy.php in the google currency lookup in the Paypal Currency Converter Basic For WooCommerce plugin before 1.4 for WordPress allows remote attackers to read…
|
CWE-22
Path Traversal
|
CVE-2015-5065
|
2024-11-21 11:32 |
2015-06-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274319
|
- |
|
mysql-lite-administrator_project
|
mysql-lite-administrator
|
Multiple cross-site scripting (XSS) vulnerabilities in MySql Lite Administrator (mysql-lite-administrator) beta-1 allow remote attackers to inject arbitrary web script or HTML via the table_name para…
|
CWE-79
Cross-site Scripting
|
CVE-2015-5064
|
2024-11-21 11:32 |
2015-06-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274320
|
- |
|
silverstripe
|
silverstripe
|
Multiple cross-site scripting (XSS) vulnerabilities in SilverStripe CMS & Framework 3.1.13 allow remote attackers to inject arbitrary web script or HTML via the (1) admin_username or (2) admin_passwo…
|
CWE-79
Cross-site Scripting
|
CVE-2015-5063
|
2024-11-21 11:32 |
2015-06-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
