|
277201
|
- |
|
studio.gd
|
gd_infinite_scroll
|
Cross-site request forgery (CSRF) vulnerability in the GD Infinite Scroll module before 7.x-1.4 for Drupal allows remote attackers to hijack the authentication of users with the "edit gd infinite scr…
|
CWE-352
Origin Validation Error
|
CVE-2015-1568
|
2024-11-21 11:25 |
2015-02-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277202
|
- |
|
epignosis
|
efront
|
Multiple cross-site request forgery (CSRF) vulnerabilities in administrator.php in Epignosis eFront Open Source Edition before 3.6.15.3 build 18022 allow remote attackers to hijack the authentication…
|
CWE-352
Origin Validation Error
|
CVE-2015-1559
|
2024-11-21 11:25 |
2015-02-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277203
|
- |
|
studio.gd
|
gd_infinite_scroll
|
Cross-site scripting (XSS) vulnerability in the admin page in the GD Infinite Scroll module before 7.x-1.4 for Drupal allows remote authenticated users with the "edit gd infinite scroll settings" per…
|
CWE-79
Cross-site Scripting
|
CVE-2015-1567
|
2024-11-21 11:25 |
2015-02-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277204
|
- |
|
hitachi
|
device_manager
replication_manager
tiered_storage_manager
compute_systems_manager
global_link_manager
|
Cross-site scripting (XSS) vulnerability in the online help in Hitachi Device Manager, Tiered Storage Manager, Replication Manager, and Global Link Manager before 8.1.2-00, and Compute Systems Manage…
|
CWE-79
Cross-site Scripting
|
CVE-2015-1565
|
2024-11-21 11:25 |
2015-02-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277205
|
- |
|
plainblack
|
webgui
|
Cross-site scripting (XSS) vulnerability in style-underground/search in Plain Black WebGUI 7.10.29 and earlier allows remote attackers to inject arbitrary web script or HTML via the Search field.
|
CWE-79
Cross-site Scripting
|
CVE-2015-1564
|
2024-11-21 11:25 |
2015-02-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277206
|
- |
|
xen
fedoraproject
|
xen
fedora
|
The ARM GIC distributor virtualization in Xen 4.4.x and 4.5.x allows local guests to cause a denial of service by causing a large number messages to be logged.
|
CWE-399
Resource Management Errors
|
CVE-2015-1563
|
2024-11-21 11:25 |
2015-02-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277207
|
- |
|
saurus
|
saurus_cms
|
Multiple cross-site scripting (XSS) vulnerabilities in Saurus CMS 4.7.0 allow remote attackers to inject arbitrary web script or HTML via the (1) search parameter to admin/user_management.php, (2) da…
|
CWE-79
Cross-site Scripting
|
CVE-2015-1562
|
2024-11-21 11:25 |
2015-02-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277208
|
- |
|
digium
|
asterisk
|
Asterisk Open Source 12.x before 12.8.1 and 13.x before 13.1.1, when using the PJSIP channel driver, does not properly reclaim RTP ports, which allows remote authenticated users to cause a denial of …
|
CWE-399
Resource Management Errors
|
CVE-2015-1558
|
2024-11-21 11:25 |
2015-02-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277209
|
- |
|
fancyfon
|
famoc
|
Multiple SQL injection vulnerabilities in FancyFon FAMOC before 3.17.4 allow (1) remote attackers to execute arbitrary SQL commands via the device ID REST parameter (PATH_INFO) to /ajax.php or (2) re…
|
CWE-89
SQL Injection
|
CVE-2015-1514
|
2024-11-21 11:25 |
2015-02-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277210
|
- |
|
siphon
|
siphone_enterprise_pbx
|
SQL injection vulnerability in SIPhone Enterprise PBX allows remote attackers to execute arbitrary SQL commands via the Username.
|
CWE-89
SQL Injection
|
CVE-2015-1513
|
2024-11-21 11:25 |
2015-02-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
