|
274601
|
- |
|
zurmo
|
zurmo_crm
|
Cross-site scripting (XSS) vulnerability in Zurmo CRM 3.0.2 allows remote authenticated users to inject arbitrary web script or HTML via the "What's going on?" profile field.
|
CWE-79
Cross-site Scripting
|
CVE-2015-5365
|
2024-11-21 11:32 |
2015-07-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274602
|
- |
|
get-simple
|
getsimple_cms
|
Cross-site scripting (XSS) vulnerability in admin/filebrowser.php in GetSimple CMS before 3.3.6 allows remote attackers to inject arbitrary web script or HTML via the func parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2015-5356
|
2024-11-21 11:32 |
2015-07-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274603
|
- |
|
get-simple
|
getsimple_cms
|
Multiple cross-site scripting (XSS) vulnerabilities in GetSimple CMS before 3.3.6 allow remote attackers to inject arbitrary web script or HTML via the (1) post-content or (2) post-title parameter to…
|
CWE-79
Cross-site Scripting
|
CVE-2015-5355
|
2024-11-21 11:32 |
2015-07-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274604
|
- |
|
novius-os
|
novius_os
|
Open redirect vulnerability in Novius OS 5.0.1 (Elche) allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the redirect parameter to admin/nos/l…
|
CWE-601
Open Redirect
|
CVE-2015-5354
|
2024-11-21 11:32 |
2015-07-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274605
|
- |
|
novius-os
|
novius_os
|
Directory traversal vulnerability in Novius OS 5.0.1 (Elche) allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the tab parameter to admin/.
|
CWE-22
Path Traversal
|
CVE-2015-5353
|
2024-11-21 11:32 |
2015-07-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274606
|
- |
|
themepunch
|
slider_revolution
|
Cross-site scripting (XSS) vulnerability in the Slider Revolution (revslider) plugin 4.2.2 for WordPress allows remote attackers to inject arbitrary web script or HTML via the client_action parameter…
|
CWE-79
Cross-site Scripting
|
CVE-2015-5151
|
2024-11-21 11:32 |
2015-06-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274607
|
- |
|
zohocorp
|
manageengine_supportcenter_plus
|
Multiple cross-site scripting (XSS) vulnerabilities in Zoho ManageEngine SupportCenter Plus 7.90 allow remote authenticated users to inject arbitrary web script or HTML via the (1) query parameter in…
|
CWE-79
Cross-site Scripting
|
CVE-2015-5150
|
2024-11-21 11:32 |
2015-06-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274608
|
- |
|
zohocorp
|
manageengine_supportcenter_plus
|
Directory traversal vulnerability in Zoho ManageEngine SupportCenter Plus 7.90 allows remote authenticated users to write to arbitrary files via a .. (dot dot) in the component parameter in the Reque…
|
CWE-22
Path Traversal
|
CVE-2015-5149
|
2024-11-21 11:32 |
2015-06-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274609
|
- |
|
livelycart
|
livelycart
|
SQL injection vulnerability in LivelyCart 1.2.0 allows remote attackers to execute arbitrary SQL commands via the search_query parameter to product/search.
|
CWE-89
SQL Injection
|
CVE-2015-5148
|
2024-11-21 11:32 |
2015-06-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274610
|
- |
|
limesurvey
|
limesurvey
|
SQL injection vulnerability in the insert function in application/controllers/admin/dataentry.php in LimeSurvey 2.06+ allows remote authenticated users to execute arbitrary SQL commands via the close…
|
CWE-89
SQL Injection
|
CVE-2015-5078
|
2024-11-21 11:32 |
2015-06-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
