|
281601
|
- |
|
fortinet
|
forticlient
|
The Endpoint Control protocol implementation in Fortinet FortiClient 5.2.3.091 for Android and 5.2.028 for iOS does not validate certificates, which makes it easier for man-in-the-middle attackers to…
|
CWE-310
Cryptographic Issues
|
CVE-2015-1570
|
2024-11-21 11:25 |
2015-02-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281602
|
- |
|
fortinet
|
forticlient
|
Fortinet FortiClient 5.2.028 for iOS does not validate certificates, which makes it easier for man-in-the-middle attackers to spoof SSL VPN servers via a crafted certificate.
|
CWE-310
Cryptographic Issues
|
CVE-2015-1569
|
2024-11-21 11:25 |
2015-02-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281603
|
- |
|
webmin
|
webmin
|
The Read Mail module in Webmin 1.720 allows local users to read arbitrary files via a symlink attack on an unspecified file.
|
CWE-59
Link Following
|
CVE-2015-1377
|
2024-11-21 11:25 |
2015-02-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281604
|
- |
|
acme
|
mini_httpd
|
mini_httpd 1.21 and earlier allows remote attackers to obtain sensitive information from process memory via an HTTP request with a long protocol string, which triggers an incorrect response size calc…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-1548
|
2024-11-21 11:25 |
2015-02-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281605
|
- |
|
phpbb
|
phpbb
|
The message_options function in includes/ucp/ucp_pm_options.php in phpBB before 3.0.13 does not properly validate the form key, which allows remote attackers to conduct CSRF attacks and change the fu…
|
CWE-352
Origin Validation Error
|
CVE-2015-1432
|
2024-11-21 11:25 |
2015-02-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281606
|
- |
|
phpbb
|
phpbb
|
Cross-site scripting (XSS) vulnerability in includes/startup.php in phpBB before 3.0.13 allows remote attackers to inject arbitrary web script or HTML via vectors related to "Relative Path Overwrite."
|
CWE-79
Cross-site Scripting
|
CVE-2015-1431
|
2024-11-21 11:25 |
2015-02-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281607
|
- |
|
studio.gd
|
gd_infinite_scroll
|
Cross-site request forgery (CSRF) vulnerability in the GD Infinite Scroll module before 7.x-1.4 for Drupal allows remote attackers to hijack the authentication of users with the "edit gd infinite scr…
|
CWE-352
Origin Validation Error
|
CVE-2015-1568
|
2024-11-21 11:25 |
2015-02-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281608
|
- |
|
epignosis
|
efront
|
Multiple cross-site request forgery (CSRF) vulnerabilities in administrator.php in Epignosis eFront Open Source Edition before 3.6.15.3 build 18022 allow remote attackers to hijack the authentication…
|
CWE-352
Origin Validation Error
|
CVE-2015-1559
|
2024-11-21 11:25 |
2015-02-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281609
|
- |
|
studio.gd
|
gd_infinite_scroll
|
Cross-site scripting (XSS) vulnerability in the admin page in the GD Infinite Scroll module before 7.x-1.4 for Drupal allows remote authenticated users with the "edit gd infinite scroll settings" per…
|
CWE-79
Cross-site Scripting
|
CVE-2015-1567
|
2024-11-21 11:25 |
2015-02-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281610
|
- |
|
hitachi
|
device_manager
replication_manager
tiered_storage_manager
compute_systems_manager
global_link_manager
|
Cross-site scripting (XSS) vulnerability in the online help in Hitachi Device Manager, Tiered Storage Manager, Replication Manager, and Global Link Manager before 8.1.2-00, and Compute Systems Manage…
|
CWE-79
Cross-site Scripting
|
CVE-2015-1565
|
2024-11-21 11:25 |
2015-02-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
