|
272101
|
- |
|
font_project
|
font
|
Absolute path traversal vulnerability in Font.php in the Font plugin before 7.5.1 for WordPress allows remote administrators to read arbitrary files via a full pathname in the url parameter to AjaxPr…
|
CWE-22
Path Traversal
|
CVE-2015-7683
|
2024-11-21 11:37 |
2015-10-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272102
|
- |
|
genetechsolutions
|
pie_register
|
Multiple SQL injection vulnerabilities in pie-register/pie-register.php in the Pie Register plugin before 2.0.19 for WordPress allow remote administrators to execute arbitrary SQL commands via the (1…
|
CWE-89
SQL Injection
|
CVE-2015-7682
|
2024-11-21 11:37 |
2015-10-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272103
|
- |
|
solarwinds
|
log_and_event_manager
|
The command line management console (CMC) in SolarWinds Log and Event Manager (LEM) before 6.2.0 allows remote attackers to execute arbitrary code via unspecified vectors involving the ping feature.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-7840
|
2024-11-21 11:37 |
2015-10-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272104
|
- |
|
solarwinds
|
log_and_event_manager
|
SolarWinds Log and Event Manager (LEM) allows remote attackers to execute arbitrary commands on managed computers via a request to services/messagebroker/nonsecurestreamingamf involving the tracerout…
|
CWE-77
Command Injection
|
CVE-2015-7839
|
2024-11-21 11:37 |
2015-10-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272105
|
- |
|
solarwinds
|
storage_manager
|
ProcessFileUpload.jsp in SolarWinds Storage Manager before 6.2 allows remote attackers to upload and execute arbitrary files via unspecified vectors.
|
CWE-20
Improper Input Validation
|
CVE-2015-7838
|
2024-11-21 11:37 |
2015-10-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272106
|
- |
|
sap
|
businessobjects_xi
businessobjects_edge
businessobjects
|
SAP BusinessObjects BI Platform 4.1, BusinessObjects Edge 4.0, and BusinessObjects XI (BOXI) 3.1 R3 allow remote attackers to cause a denial of service (out-of-bounds read and listener crash) via a c…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-7730
|
2024-11-21 11:37 |
2015-10-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272107
|
- |
|
sap
|
hana
|
Eval injection in test-net.xsjs in the Web-based Development Workbench in SAP HANA Developer Edition DB 1.00.091.00.1418659308 allows remote authenticated users to execute arbitrary XSJS code via uns…
|
CWE-94
Code Injection
|
CVE-2015-7729
|
2024-11-21 11:37 |
2015-10-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272108
|
- |
|
sap
|
hana
|
Cross-site scripting (XSS) vulnerability in user creation in the Web-based Development Workbench in SAP HANA DB 1.00.73.00.389160 (NewDB100_REL) allows remote authenticated users to inject arbitrary …
|
CWE-79
Cross-site Scripting
|
CVE-2015-7728
|
2024-11-21 11:37 |
2015-10-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272109
|
- |
|
sap
|
hana
|
Multiple SQL injection vulnerabilities in the Web-based Development Workbench in SAP HANA DB 1.00.73.00.389160 (NewDB100_REL) allow remote authenticated users to execute arbitrary SQL commands via un…
|
CWE-89
SQL Injection
|
CVE-2015-7727
|
2024-11-21 11:37 |
2015-10-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272110
|
- |
|
sap
|
hana
|
Cross-site scripting (XSS) vulnerability in role deletion in the Web-based Development Workbench in SAP HANA DB 1.00.091.00.1418659308 allows remote authenticated users to inject arbitrary web script…
|
CWE-79
Cross-site Scripting
|
CVE-2015-7726
|
2024-11-21 11:37 |
2015-10-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
