|
277821
|
- |
|
banner_effect_header_project
|
banner_effect_header
|
Cross-site request forgery (CSRF) vulnerability in the Banner Effect Header plugin 1.2.6 for WordPress allows remote attackers to hijack the authentication of administrators for requests that conduct…
|
CWE-352
Origin Validation Error
|
CVE-2015-0920
|
2024-11-21 11:23 |
2015-01-9 |
|
|
|
|
277822
|
- |
|
sefrengo
|
sefrengo
|
Multiple SQL injection vulnerabilities in the administrative backend in Sefrengo before 1.6.1 allow remote administrators to execute arbitrary SQL commands via the (1) idcat or (2) idclient parameter…
|
CWE-89
SQL Injection
|
CVE-2015-0919
|
2024-11-21 11:23 |
2015-01-9 |
|
|
|
|
277823
|
- |
|
sefrengo
|
sefrengo
|
Cross-site scripting (XSS) vulnerability in the administrative backend in Sefrengo before 1.6.1 allows remote attackers to inject arbitrary web script or HTML via the searchterm parameter to backend/…
|
CWE-79
Cross-site Scripting
|
CVE-2015-0918
|
2024-11-21 11:23 |
2015-01-9 |
|
|
|
|
277824
|
- |
|
kajona
|
kajona
|
Cross-site scripting (XSS) vulnerability in the backend in Kajona before 4.6.3 allows remote attackers to inject arbitrary web script or HTML via the action parameter to index.php.
|
CWE-79
Cross-site Scripting
|
CVE-2015-0917
|
2024-11-21 11:23 |
2015-01-9 |
|
|
|
|
277825
|
8.8 |
HIGH
Network
|
o-dyn debian canonical
|
collabtive debian_linux ubuntu_linux
|
Multiple incomplete blacklist vulnerabilities in the avatar upload functionality in manageuser.php in Collabtive before 2.1 allow remote authenticated users to execute arbitrary code by uploading a f…
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2015-0258
|
2024-11-21 11:22 |
2020-02-18 |
|
|
|
|
277826
|
8.1 |
HIGH
Network
|
ibm
|
workflow
|
IBM Workflow for Bluemix does not set the secure flag for the session cookie in an https session, which makes it easier for remote attackers to capture this cookie by intercepting its transmission wi…
|
CWE-287
Improper Authentication
|
CVE-2015-0102
|
2024-11-21 11:22 |
2020-02-6 |
|
|
|
|
277827
|
7.5 |
HIGH
Network
|
gnu debian redhat
|
gnutls debian_linux enterprise_linux
|
GnuTLS before 3.3.13 does not validate that the signature algorithms match when importing a certificate.
|
CWE-295
Improper Certificate Validation
|
CVE-2015-0294
|
2024-11-21 11:22 |
2020-01-28 |
|
|
|
|
277828
|
9.8 |
CRITICAL
Network
|
postgresql debian
|
postgresql debian_linux
|
PostgreSQL before 9.0.19, 9.1.x before 9.1.15, 9.2.x before 9.2.10, 9.3.x before 9.3.6, and 9.4.x before 9.4.1 does not properly handle errors while reading a protocol message, which allows remote at…
|
CWE-89
SQL Injection
|
CVE-2015-0244
|
2024-11-21 11:22 |
2020-01-28 |
|
|
|
|
277829
|
8.8 |
HIGH
Network
|
postgresql debian
|
postgresql debian_linux
|
Multiple buffer overflows in contrib/pgcrypto in PostgreSQL before 9.0.19, 9.1.x before 9.1.15, 9.2.x before 9.2.10, 9.3.x before 9.3.6, and 9.4.x before 9.4.1 allow remote authenticated users to cau…
|
CWE-120
Classic Buffer Overflow
|
CVE-2015-0243
|
2024-11-21 11:22 |
2020-01-28 |
|
|
|
|
277830
|
8.8 |
HIGH
Network
|
postgresql debian
|
postgresql debian_linux
|
Stack-based buffer overflow in the *printf function implementations in PostgreSQL before 9.0.19, 9.1.x before 9.1.15, 9.2.x before 9.2.10, 9.3.x before 9.3.6, and 9.4.x before 9.4.1, when running on …
|
CWE-787
Out-of-bounds Write
|
CVE-2015-0242
|
2024-11-21 11:22 |
2020-01-28 |
|
|
|