|
282851
|
- |
|
sierra_wireless
|
sierra_wireless_aircard_763s
sierra_wireless_aircard_760s
sierra_wireless_aircard_762s
|
CRLF injection vulnerability in export.cfg in the web-based administrative console for Sierra Wireless AirCard 760S, 762S, and 763S allows remote attackers to inject arbitrary headers via CRLF sequen…
|
NVD-CWE-Other
|
CVE-2015-2054
|
2024-11-21 11:26 |
2015-02-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282852
|
- |
|
mcafee
|
mcafee_agent
|
The log viewer in McAfee Agent (MA) before 4.8.0 Patch 3 and 5.0.0, when the "Accept connections only from the ePO server" option is disabled, allows remote attackers to conduct clickjacking attacks …
|
CWE-20
Improper Input Validation
|
CVE-2015-2053
|
2024-11-21 11:26 |
2015-02-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282853
|
- |
|
dlink
|
dir-645_firmware
|
Stack-based buffer overflow in the DIR-645 Wired/Wireless Router Rev. Ax with firmware 1.04b12 and earlier allows remote attackers to execute arbitrary code via a long string in a GetDeviceSettings a…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-2052
|
2024-11-21 11:26 |
2015-02-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282854
|
- |
|
dlink
|
dap-1320_firmware
|
D-Link DAP-1320 Rev Ax with firmware before 1.21b05 allows attackers to execute arbitrary commands via unspecified vectors.
|
NVD-CWE-noinfo
|
CVE-2015-2050
|
2024-11-21 11:26 |
2015-02-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282855
|
- |
|
dlink
|
dcs-931l_firmware
|
Unrestricted file upload vulnerability in D-Link DCS-931L with firmware 1.04 and earlier allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension.
|
NVD-CWE-Other
|
CVE-2015-2049
|
2024-11-21 11:26 |
2015-02-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282856
|
- |
|
dlink
|
dcs-931l_firmware
|
Cross-site request forgery (CSRF) vulnerability in D-Link DCS-931L with firmware 1.04 and earlier allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.
|
CWE-352
Origin Validation Error
|
CVE-2015-2048
|
2024-11-21 11:26 |
2015-02-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282857
|
- |
|
typo3
debian
|
typo3
debian_linux
|
The rsaauth extension in TYPO3 4.3.0 through 4.3.14, 4.4.0 through 4.4.15, 4.5.0 through 4.5.39, and 4.6.0 through 4.6.18, when configured for the frontend, allows remote attackers to bypass authenti…
|
CWE-287
Improper Authentication
|
CVE-2015-2047
|
2024-11-21 11:26 |
2015-02-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282858
|
- |
|
cfdbplugin
|
contact_form_db
|
Cross-site scripting (XSS) vulnerability in the Contact Form DB (aka CFDB and contact-form-7-to-database-extension) plugin 2.8.26 for WordPress allows remote attackers to inject arbitrary web script …
|
CWE-79
Cross-site Scripting
|
CVE-2015-2040
|
2024-11-21 11:26 |
2015-02-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282859
|
- |
|
acobot_live_chat_\&_contact_form_project
|
acobot_live_chat_\&_contact_form
|
Multiple cross-site request forgery (CSRF) vulnerabilities in the Acobot Live Chat & Contact Form plugin 2.0 for WordPress allow remote attackers to hijack the authentication of administrators for re…
|
CWE-352
Origin Validation Error
|
CVE-2015-2039
|
2024-11-21 11:26 |
2015-02-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282860
|
- |
|
piwigo
|
piwigo
|
SQL injection vulnerability in the administrative backend in Piwigo before 2.7.4 allows remote administrators to execute arbitrary SQL commands via the user parameter in the history page to admin.php.
|
CWE-89
SQL Injection
|
CVE-2015-2035
|
2024-11-21 11:26 |
2015-02-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
