|
268071
|
5.3 |
MEDIUM
Network
|
trendmicro
|
officescan
worry-free_business_security
worry-free_business_security_services
|
Directory traversal vulnerability in Trend Micro Office Scan 11.0, Worry-Free Business Security Service 5.x, and Worry-Free Business Security 9.0 allows remote attackers to read arbitrary files via u…
|
CWE-22
Path Traversal
|
CVE-2016-1223
|
2024-11-21 11:45 |
2016-06-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268072
|
3.7 |
LOW
Network
|
nttdata
|
terasoluna_server_framework_for_java_web
|
NTT Data TERASOLUNA Server Framework for Java(WEB) 2.0.0.1 through 2.0.6.1, as used in Fujitsu Interstage Business Application Server and other products, allows remote attackers to bypass a file-exte…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2016-1183
|
2024-11-21 11:45 |
2016-06-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268073
|
6.1 |
MEDIUM
Network
|
ntt
|
webarena_service_formmail
|
Cross-site scripting (XSS) vulnerability in NTT PC Communications WebARENA Service formmail before 2.2.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2016-1230
|
2024-11-21 11:45 |
2016-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268074
|
5.4 |
MEDIUM
Network
|
humhub
|
humhub
|
Cross-site scripting (XSS) vulnerability in HumHub 0.20.0-beta.1 through 0.20.1 and 1.0.0-beta before 1.0.0-beta.3 allows remote authenticated users to inject arbitrary web script or HTML via unspeci…
|
CWE-79
Cross-site Scripting
|
CVE-2016-1229
|
2024-11-21 11:45 |
2016-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268075
|
6.1 |
MEDIUM
Network
|
kobe-beauty
|
php-contact-form
|
Cross-site scripting (XSS) vulnerability in Kobe Beauty php-contact-form before 2016-05-18 allows remote attackers to inject arbitrary web script or HTML via a crafted URI.
|
CWE-79
Cross-site Scripting
|
CVE-2016-1222
|
2024-11-21 11:45 |
2016-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268076
|
2.7 |
LOW
Network
|
futomi
|
mp_form_mail_cgi
|
Directory traversal vulnerability in futomi MP Form Mail CGI Professional Edition 3.2.3 and earlier allows remote authenticated administrators to read arbitrary files via unspecified vectors.
|
CWE-22
Path Traversal
|
CVE-2016-1212
|
2024-11-21 11:45 |
2016-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268077
|
6.1 |
MEDIUM
Network
|
epoch
|
web_mailing_list
|
Cross-site scripting (XSS) vulnerability in Epoch Web Mailing List 0.31 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2016-1211
|
2024-11-21 11:45 |
2016-06-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268078
|
5.4 |
MEDIUM
Network
|
iodata
|
wn-g300r2_firmware
wn-g300r3_firmware
wn-g300r_firmware
|
Cross-site scripting (XSS) vulnerability on I-O DATA DEVICE WN-G300R devices with firmware 1.12 and earlier, WN-G300R2 devices with firmware 1.12 and earlier, and WN-G300R3 devices with firmware 1.01…
|
CWE-79
Cross-site Scripting
|
CVE-2016-1207
|
2024-11-21 11:45 |
2016-05-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268079
|
4.3 |
MEDIUM
Adjacent
|
iodata
|
wn-gdn\/r3_firmware
|
The WPS implementation on I-O DATA DEVICE WN-GDN/R3, WN-GDN/R3-C, WN-GDN/R3-S, and WN-GDN/R3-U devices does not limit PIN guesses, which allows remote attackers to obtain network access via a brute-f…
|
CWE-200
Information Exposure
|
CVE-2016-1206
|
2024-11-21 11:45 |
2016-05-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268080
|
9.8 |
CRITICAL
Network
|
ninjaforms
|
ninja_forms
|
The Ninja Forms plugin before 2.9.42.1 for WordPress allows remote attackers to conduct PHP object injection attacks via crafted serialized values in a POST request.
|
CWE-20
Improper Input Validation
|
CVE-2016-1209
|
2024-11-21 11:45 |
2016-05-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
