|
281761
|
- |
|
drupal
|
drupal
|
Open redirect vulnerability in the Overlay module in Drupal 7.x before 7.38 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.
|
NVD-CWE-Other
|
CVE-2015-3233
|
2024-11-21 11:28 |
2015-06-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281762
|
- |
|
drupal
debian
|
drupal
debian_linux
|
Open redirect vulnerability in the Field UI module in Drupal 7.x before 7.38 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the destination…
|
NVD-CWE-Other
|
CVE-2015-3232
|
2024-11-21 11:28 |
2015-06-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281763
|
- |
|
drupal
debian
|
drupal
debian_linux
|
The Render cache system in Drupal 7.x before 7.38, when used to cache content by user role, allows remote authenticated users to obtain private content viewed by user 1 by reading the cache.
|
CWE-200
Information Exposure
|
CVE-2015-3231
|
2024-11-21 11:28 |
2015-06-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281764
|
- |
|
airties
|
air_firmware
|
Stack-based buffer overflow in AirTies Air 6372, 5760, 5750, 5650TT, 5453, 5444TT, 5443, 5442, 5343, 5342, 5341, and 5021 DSL modems with firmware 1.0.2.0 and earlier allows remote attackers to execu…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-2797
|
2024-11-21 11:28 |
2015-06-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281765
|
- |
|
vestacp
|
vesta_control_panel
|
Cross-site request forgery (CSRF) vulnerability in Vesta Control Panel before 0.9.8-14 allows remote attackers to hijack the authentication of arbitrary users.
|
CWE-352
Origin Validation Error
|
CVE-2015-2861
|
2024-11-21 11:28 |
2015-06-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281766
|
- |
|
akronymmanager_project
|
akronymmanager
|
SQL injection vulnerability in mod1/index.php in the Akronymmanager (sb_akronymmanager) extension before 7.0.0 for TYPO3 allows remote authenticated users with permission to maintain acronyms to exec…
|
CWE-89
SQL Injection
|
CVE-2015-2803
|
2024-11-21 11:28 |
2015-06-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281767
|
- |
|
libmimedir_project
|
libmimedir
|
libmimedir allows remote attackers to execute arbitrary code via a VCF file with two NULL bytes at the end of the file, related to "free" function calls in the "lexer's memory clean-up procedure."
|
CWE-74
Injection
|
CVE-2015-3205
|
2024-11-21 11:28 |
2015-06-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281768
|
- |
|
ceph
|
ceph-deploy
|
ceph-deploy before 1.5.23 uses weak permissions (644) for ceph/ceph.client.admin.keyring, which allows local users to obtain sensitive information by reading the file.
|
CWE-200
Information Exposure
|
CVE-2015-3010
|
2024-11-21 11:28 |
2015-06-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281769
|
- |
|
alcatel-lucent
|
omniswitch_firmware
|
Cross-site request forgery (CSRF) vulnerability in sec/content/sec_asa_users_local_db_add.html in the management web interface in Alcatel-Lucent OmniSwitch 6450, 6250, 6850E, 9000E, 6400, 6855, 6900,…
|
CWE-352
Origin Validation Error
|
CVE-2015-2805
|
2024-11-21 11:28 |
2015-06-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281770
|
- |
|
alcatel-lucent
|
omniswitch_firmware
|
The management web interface in Alcatel-Lucent OmniSwitch 6450, 6250, 6850E, 9000E, 6400, and 6855 with firmware before 6.6.4.309.R01 and 6.6.5.x before 6.6.5.80.R02 generates weak session identifier…
|
CWE-200
Information Exposure
|
CVE-2015-2804
|
2024-11-21 11:28 |
2015-06-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
