|
277621
|
- |
|
get-simple
|
getsimple_cms
|
Cross-site scripting (XSS) vulnerability in admin/filebrowser.php in GetSimple CMS before 3.3.6 allows remote attackers to inject arbitrary web script or HTML via the func parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2015-5356
|
2024-11-21 11:32 |
2015-07-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277622
|
- |
|
get-simple
|
getsimple_cms
|
Multiple cross-site scripting (XSS) vulnerabilities in GetSimple CMS before 3.3.6 allow remote attackers to inject arbitrary web script or HTML via the (1) post-content or (2) post-title parameter to…
|
CWE-79
Cross-site Scripting
|
CVE-2015-5355
|
2024-11-21 11:32 |
2015-07-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277623
|
- |
|
novius-os
|
novius_os
|
Open redirect vulnerability in Novius OS 5.0.1 (Elche) allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the redirect parameter to admin/nos/l…
|
CWE-601
Open Redirect
|
CVE-2015-5354
|
2024-11-21 11:32 |
2015-07-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277624
|
- |
|
novius-os
|
novius_os
|
Directory traversal vulnerability in Novius OS 5.0.1 (Elche) allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the tab parameter to admin/.
|
CWE-22
Path Traversal
|
CVE-2015-5353
|
2024-11-21 11:32 |
2015-07-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277625
|
- |
|
themepunch
|
slider_revolution
|
Cross-site scripting (XSS) vulnerability in the Slider Revolution (revslider) plugin 4.2.2 for WordPress allows remote attackers to inject arbitrary web script or HTML via the client_action parameter…
|
CWE-79
Cross-site Scripting
|
CVE-2015-5151
|
2024-11-21 11:32 |
2015-06-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277626
|
- |
|
zohocorp
|
manageengine_supportcenter_plus
|
Multiple cross-site scripting (XSS) vulnerabilities in Zoho ManageEngine SupportCenter Plus 7.90 allow remote authenticated users to inject arbitrary web script or HTML via the (1) query parameter in…
|
CWE-79
Cross-site Scripting
|
CVE-2015-5150
|
2024-11-21 11:32 |
2015-06-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277627
|
- |
|
zohocorp
|
manageengine_supportcenter_plus
|
Directory traversal vulnerability in Zoho ManageEngine SupportCenter Plus 7.90 allows remote authenticated users to write to arbitrary files via a .. (dot dot) in the component parameter in the Reque…
|
CWE-22
Path Traversal
|
CVE-2015-5149
|
2024-11-21 11:32 |
2015-06-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277628
|
- |
|
livelycart
|
livelycart
|
SQL injection vulnerability in LivelyCart 1.2.0 allows remote attackers to execute arbitrary SQL commands via the search_query parameter to product/search.
|
CWE-89
SQL Injection
|
CVE-2015-5148
|
2024-11-21 11:32 |
2015-06-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277629
|
- |
|
limesurvey
|
limesurvey
|
SQL injection vulnerability in the insert function in application/controllers/admin/dataentry.php in LimeSurvey 2.06+ allows remote authenticated users to execute arbitrary SQL commands via the close…
|
CWE-89
SQL Injection
|
CVE-2015-5078
|
2024-11-21 11:32 |
2015-06-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277630
|
- |
|
sap
|
mobile_platform
|
XML external entity (XXE) vulnerability in SAP Mobile Platform 3 allows remote attackers to read arbitrary files or possibly have other unspecified impact via a crafted XML request, aka SAP Security …
|
NVD-CWE-Other
|
CVE-2015-5068
|
2024-11-21 11:32 |
2015-06-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
