|
278881
|
- |
|
fortinet
|
fortios
|
Multiple cross-site scripting (XSS) vulnerabilities in Fortinet FortiOS 5.0 Patch 7 build 4457 allow remote authenticated users to inject arbitrary web script or HTML via the (1) WTP Name or (2) WTP …
|
CWE-79
Cross-site Scripting
|
CVE-2015-1451
|
2024-11-21 11:25 |
2015-02-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278882
|
- |
|
restaurantbiller
|
restaurant_biller
|
SQL injection vulnerability in Restaurant Biller allows remote attackers to execute arbitrary SQL commands via the cid parameter in a category action to index.php.
|
CWE-89
SQL Injection
|
CVE-2015-1450
|
2024-11-21 11:25 |
2015-02-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278883
|
- |
|
siemens
|
ruggedcom_firmware
|
Buffer overflow in the integrated web server on Siemens Ruggedcom WIN51xx devices with firmware before SS4.4.4624.35, WIN52xx devices with firmware before SS4.4.4624.35, WIN70xx devices with firmware…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-1449
|
2024-11-21 11:25 |
2015-02-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278884
|
- |
|
siemens
|
ruggedcom_firmware
|
The integrated management service on Siemens Ruggedcom WIN51xx devices with firmware before SS4.4.4624.35, WIN52xx devices with firmware before SS4.4.4624.35, WIN70xx devices with firmware before BS4…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-1448
|
2024-11-21 11:25 |
2015-02-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278885
|
- |
|
10web
|
photo_gallery
|
SQL injection vulnerability in the Photo Gallery plugin before 1.2.11 for WordPress allows remote authenticated users to execute arbitrary SQL commands via the asc_or_desc parameter in a create galle…
|
CWE-89
SQL Injection
|
CVE-2015-1393
|
2024-11-21 11:25 |
2015-02-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278886
|
- |
|
blubrry
|
powerpress
|
Cross-site scripting (XSS) vulnerability in the Blubrry PowerPress Podcasting plugin before 6.0.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via the cat parameter in…
|
CWE-79
Cross-site Scripting
|
CVE-2015-1385
|
2024-11-21 11:25 |
2015-02-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278887
|
- |
|
cyberhobo
|
geo_mashup
|
Cross-site scripting (XSS) vulnerability in the geo search widget in the Geo Mashup plugin before 1.8.3 for WordPress allows remote attackers to inject arbitrary web script or HTML via the search key.
|
CWE-79
Cross-site Scripting
|
CVE-2015-1383
|
2024-11-21 11:25 |
2015-02-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278888
|
- |
|
siemens
|
ruggedcom_firmware
|
Siemens Ruggedcom WIN51xx devices with firmware before SS4.4.4624.35, WIN52xx devices with firmware before SS4.4.4624.35, WIN70xx devices with firmware before BS4.4.4621.32, and WIN72xx devices with …
|
CWE-200
Information Exposure
|
CVE-2015-1357
|
2024-11-21 11:25 |
2015-02-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278889
|
- |
|
jakweb
|
gecko_cms
|
Cross-site request forgery (CSRF) vulnerability in Gecko CMS 2.2 and 2.3 allows remote attackers to hijack the authentication of administrators for requests that add an administrator user via a newus…
|
CWE-352
Origin Validation Error
|
CVE-2015-1424
|
2024-11-21 11:25 |
2015-01-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278890
|
- |
|
jakweb
|
gecko_cms
|
Multiple SQL injection vulnerabilities in Gecko CMS 2.2 and 2.3 allow remote administrators to execute arbitrary SQL commands via the (1) jak_delete_log[] or (2) ssp parameter to admin/index.php.
|
CWE-89
SQL Injection
|
CVE-2015-1423
|
2024-11-21 11:25 |
2015-01-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
