|
280941
|
- |
|
phpwind
|
phpwind
|
Open redirect vulnerability in goto.php in phpwind 8.7 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the url parameter.
|
NVD-CWE-Other
|
CVE-2015-4134
|
2024-11-21 11:30 |
2015-05-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280942
|
- |
|
reflex_gallery_project
|
reflex_gallery
|
Unrestricted file upload vulnerability in admin/scripts/FileUploader/php.php in the ReFlex Gallery plugin before 3.1.4 for WordPress allows remote attackers to execute arbitrary PHP code by uploading…
|
NVD-CWE-Other
|
CVE-2015-4133
|
2024-11-21 11:30 |
2015-05-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280943
|
- |
|
arubanetworks
|
clearpass_policy_manager
|
Multiple cross-site scripting (XSS) vulnerabilities in Aruba Networks ClearPass Policy Manager (CPPM) before 6.4.5 allow remote administrators to inject arbitrary web script or HTML via unspecified v…
|
CWE-79
Cross-site Scripting
|
CVE-2015-4132
|
2024-11-21 11:30 |
2015-05-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280944
|
- |
|
church_admin_project
|
church_admin
|
Cross-site scripting (XSS) vulnerability in the church_admin plugin before 0.810 for WordPress allows remote attackers to inject arbitrary web script or HTML via the address parameter, as demonstrate…
|
CWE-79
Cross-site Scripting
|
CVE-2015-4127
|
2024-11-21 11:30 |
2015-05-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280945
|
- |
|
free-counter
|
free_counter
|
Cross-site scripting (XSS) vulnerability in the Free Counter plugin 1.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via the value_ parameter in a check_stat action to…
|
CWE-79
Cross-site Scripting
|
CVE-2015-4084
|
2024-11-21 11:30 |
2015-05-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280946
|
- |
|
tri
|
gigpress
|
Multiple SQL injection vulnerabilities in admin/handlers.php in the GigPress plugin before 2.3.9 for WordPress allow remote authenticated users to execute arbitrary SQL commands via the (1) show_arti…
|
CWE-89
SQL Injection
|
CVE-2015-4066
|
2024-11-21 11:30 |
2015-05-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280947
|
- |
|
landing_pages_project
|
landing_pages
|
Cross-site scripting (XSS) vulnerability in shared/shortcodes/inbound-shortcodes.php in the Landing Pages plugin before 1.8.5 for WordPress allows remote authenticated users to inject arbitrary web s…
|
CWE-79
Cross-site Scripting
|
CVE-2015-4065
|
2024-11-21 11:30 |
2015-05-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280948
|
- |
|
landing_pages_project
|
landing_pages
|
SQL injection vulnerability in modules/module.ab-testing.php in the Landing Pages plugin before 1.8.5 for WordPress allows remote authenticated users to execute arbitrary SQL commands via the post pa…
|
CWE-89
SQL Injection
|
CVE-2015-4064
|
2024-11-21 11:30 |
2015-05-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280949
|
- |
|
newstatpress_project
|
newstatpress
|
Cross-site scripting (XSS) vulnerability in includes/nsp_search.php in the NewStatPress plugin before 0.9.9 for WordPress allows remote authenticated users to inject arbitrary web script or HTML via …
|
CWE-79
Cross-site Scripting
|
CVE-2015-4063
|
2024-11-21 11:30 |
2015-05-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280950
|
- |
|
newstatpress_project
|
newstatpress
|
SQL injection vulnerability in includes/nsp_search.php in the NewStatPress plugin before 0.9.9 for WordPress allows remote authenticated users to execute arbitrary SQL commands via the where1 paramet…
|
CWE-89
SQL Injection
|
CVE-2015-4062
|
2024-11-21 11:30 |
2015-05-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
