|
270881
|
6.1 |
MEDIUM
Network
|
getsymphony
|
symphony
|
Multiple cross-site scripting (XSS) vulnerabilities in content/content.systempreferences.php in Symphony CMS before 2.6.4 allow remote attackers to inject arbitrary web script or HTML via the (1) ema…
|
CWE-79
Cross-site Scripting
|
CVE-2015-8766
|
2024-11-21 11:39 |
2016-01-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270882
|
8.3 |
HIGH
Network
|
mcafee
|
epolicy_orchestrator
|
Intel McAfee ePolicy Orchestrator (ePO) 4.6.9 and earlier, 5.0.x, 5.1.x before 5.1.3 Hotfix 1106041, and 5.3.x before 5.3.1 Hotfix 1106041 allow remote attackers to execute arbitrary code via a craft…
|
NVD-CWE-Other
|
CVE-2015-8765
|
2024-11-21 11:39 |
2016-01-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270883
|
9.0 |
CRITICAL
Network
|
values_project
|
values
|
The Values module 7.x-1.x before 7.x-1.2 for Drupal does not properly check permissions, which allows remote administrators with the "Import value sets" permission to execute arbitrary PHP code via t…
|
CWE-94
Code Injection
|
CVE-2015-8761
|
2024-11-21 11:39 |
2016-01-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270884
|
6.1 |
MEDIUM
Network
|
typo3
|
typo3
|
The Flvplayer component in TYPO3 6.2.x before 6.2.16 allows remote attackers to embed Flash videos from external domains via unspecified vectors, aka "Cross-Site Flashing."
|
CWE-20
Improper Input Validation
|
CVE-2015-8760
|
2024-11-21 11:39 |
2016-01-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270885
|
5.4 |
MEDIUM
Network
|
typo3
|
typo3
|
Cross-site scripting (XSS) vulnerability in the typoLink function in TYPO3 6.2.x before 6.2.16 and 7.x before 7.6.1 allows remote authenticated editors to inject arbitrary web script or HTML via a li…
|
CWE-79
Cross-site Scripting
|
CVE-2015-8759
|
2024-11-21 11:39 |
2016-01-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270886
|
5.4 |
MEDIUM
Network
|
typo3
|
typo3
|
Multiple cross-site scripting (XSS) vulnerabilities in unspecified frontend components in TYPO3 6.2.x before 6.2.16 and 7.x before 7.6.1 allow remote authenticated editors to inject arbitrary web scr…
|
CWE-79
Cross-site Scripting
|
CVE-2015-8758
|
2024-11-21 11:39 |
2016-01-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270887
|
6.1 |
MEDIUM
Network
|
typo3
|
typo3
|
Cross-site scripting (XSS) vulnerability in the Extension Manager in TYPO3 6.2.x before 6.2.16 and 7.x before 7.6.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vect…
|
CWE-79
Cross-site Scripting
|
CVE-2015-8757
|
2024-11-21 11:39 |
2016-01-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270888
|
5.4 |
MEDIUM
Network
|
typo3
|
typo3
|
Cross-site scripting (XSS) vulnerability in the search result view in the Indexed Search (indexed_search) component in TYPO3 6.2.x before 6.2.16 allows remote authenticated editors to inject arbitrar…
|
CWE-79
Cross-site Scripting
|
CVE-2015-8756
|
2024-11-21 11:39 |
2016-01-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270889
|
5.4 |
MEDIUM
Network
|
typo3
|
typo3
|
Multiple cross-site scripting (XSS) vulnerabilities in unspecified backend components in TYPO3 6.2.x before 6.2.16 and 7.x before 7.6.1 allow remote authenticated editors to inject arbitrary web scri…
|
CWE-79
Cross-site Scripting
|
CVE-2015-8755
|
2024-11-21 11:39 |
2016-01-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270890
|
7.5 |
HIGH
Network
|
acquia
|
mollom
|
The Mollom module 6.x-2.7 before 6.x-2.15 for Drupal allows remote attackers to bypass intended access restrictions and modify the mollom blacklist via unspecified vectors.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-8754
|
2024-11-21 11:39 |
2016-01-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
