|
277481
|
- |
|
webmin
|
webmin
|
The Read Mail module in Webmin 1.720 allows local users to read arbitrary files via a symlink attack on an unspecified file.
|
CWE-59
Link Following
|
CVE-2015-1377
|
2024-11-21 11:25 |
2015-02-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277482
|
- |
|
acme
|
mini_httpd
|
mini_httpd 1.21 and earlier allows remote attackers to obtain sensitive information from process memory via an HTTP request with a long protocol string, which triggers an incorrect response size calc…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-1548
|
2024-11-21 11:25 |
2015-02-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277483
|
- |
|
phpbb
|
phpbb
|
The message_options function in includes/ucp/ucp_pm_options.php in phpBB before 3.0.13 does not properly validate the form key, which allows remote attackers to conduct CSRF attacks and change the fu…
|
CWE-352
Origin Validation Error
|
CVE-2015-1432
|
2024-11-21 11:25 |
2015-02-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277484
|
- |
|
phpbb
|
phpbb
|
Cross-site scripting (XSS) vulnerability in includes/startup.php in phpBB before 3.0.13 allows remote attackers to inject arbitrary web script or HTML via vectors related to "Relative Path Overwrite."
|
CWE-79
Cross-site Scripting
|
CVE-2015-1431
|
2024-11-21 11:25 |
2015-02-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277485
|
- |
|
studio.gd
|
gd_infinite_scroll
|
Cross-site request forgery (CSRF) vulnerability in the GD Infinite Scroll module before 7.x-1.4 for Drupal allows remote attackers to hijack the authentication of users with the "edit gd infinite scr…
|
CWE-352
Origin Validation Error
|
CVE-2015-1568
|
2024-11-21 11:25 |
2015-02-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277486
|
- |
|
epignosis
|
efront
|
Multiple cross-site request forgery (CSRF) vulnerabilities in administrator.php in Epignosis eFront Open Source Edition before 3.6.15.3 build 18022 allow remote attackers to hijack the authentication…
|
CWE-352
Origin Validation Error
|
CVE-2015-1559
|
2024-11-21 11:25 |
2015-02-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277487
|
- |
|
studio.gd
|
gd_infinite_scroll
|
Cross-site scripting (XSS) vulnerability in the admin page in the GD Infinite Scroll module before 7.x-1.4 for Drupal allows remote authenticated users with the "edit gd infinite scroll settings" per…
|
CWE-79
Cross-site Scripting
|
CVE-2015-1567
|
2024-11-21 11:25 |
2015-02-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277488
|
- |
|
hitachi
|
device_manager
replication_manager
tiered_storage_manager
compute_systems_manager
global_link_manager
|
Cross-site scripting (XSS) vulnerability in the online help in Hitachi Device Manager, Tiered Storage Manager, Replication Manager, and Global Link Manager before 8.1.2-00, and Compute Systems Manage…
|
CWE-79
Cross-site Scripting
|
CVE-2015-1565
|
2024-11-21 11:25 |
2015-02-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277489
|
- |
|
plainblack
|
webgui
|
Cross-site scripting (XSS) vulnerability in style-underground/search in Plain Black WebGUI 7.10.29 and earlier allows remote attackers to inject arbitrary web script or HTML via the Search field.
|
CWE-79
Cross-site Scripting
|
CVE-2015-1564
|
2024-11-21 11:25 |
2015-02-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277490
|
- |
|
xen
fedoraproject
|
xen
fedora
|
The ARM GIC distributor virtualization in Xen 4.4.x and 4.5.x allows local guests to cause a denial of service by causing a large number messages to be logged.
|
CWE-399
Resource Management Errors
|
CVE-2015-1563
|
2024-11-21 11:25 |
2015-02-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
