|
212321
|
- |
|
igniterealtime
|
openfire
|
Multiple cross-site request forgery (CSRF) vulnerabilities in Ignite Realtime Openfire 3.10.2 allow remote attackers to hijack the authentication of administrators for requests that (1) change a pass…
|
CWE-352
Origin Validation Error
|
CVE-2015-6973
|
2024-11-21 11:35 |
2015-09-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212322
|
- |
|
igniterealtime
|
openfire
|
Multiple cross-site scripting (XSS) vulnerabilities in Ignite Realtime Openfire 3.10.2 allow remote attackers to inject arbitrary web script or HTML via the (1) groupchatName parameter to plugins/cli…
|
CWE-79
Cross-site Scripting
|
CVE-2015-6972
|
2024-11-21 11:35 |
2015-09-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212323
|
- |
|
nokia
|
\@vantage_commander
|
Multiple cross-site scripting (XSS) vulnerabilities in Nokia Networks (formerly Nokia Solutions and Networks and Nokia Siemens Networks) @vantage Commander allow remote attackers to inject arbitrary …
|
CWE-79
Cross-site Scripting
|
CVE-2015-6929
|
2024-11-21 11:35 |
2015-09-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212324
|
- |
|
s9y
|
serendipity
|
Cross-site scripting (XSS) vulnerability in js/2k11.min.js in the 2k11 theme in Serendipity before 2.0.2 allows remote attackers to inject arbitrary web script or HTML via a user name in a comment, w…
|
CWE-79
Cross-site Scripting
|
CVE-2015-6969
|
2024-11-21 11:35 |
2015-09-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212325
|
- |
|
s9y
|
serendipity
|
Multiple incomplete blacklist vulnerabilities in the serendipity_isActiveFile function in include/functions_images.inc.php in Serendipity before 2.0.2 allow remote authenticated users to execute arbi…
|
NVD-CWE-Other
|
CVE-2015-6968
|
2024-11-21 11:35 |
2015-09-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212326
|
- |
|
nibbleblog
|
nibbleblog
|
Unrestricted file upload vulnerability in the My Image plugin in Nibbleblog before 4.0.5 allows remote administrators to execute arbitrary code by uploading a file with an executable extension, then …
|
NVD-CWE-Other
|
CVE-2015-6967
|
2024-11-21 11:35 |
2015-09-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212327
|
- |
|
nibbleblog
|
nibbleblog
|
Multiple cross-site request forgery (CSRF) vulnerabilities in Nibbleblog before 4.0.5 allow remote attackers to hijack the authentication of administrators for requests that (1) create a post via a n…
|
CWE-352
Origin Validation Error
|
CVE-2015-6966
|
2024-11-21 11:35 |
2015-09-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212328
|
- |
|
creative-solutions
|
contact_form_generator
|
Multiple cross-site request forgery (CSRF) vulnerabilities in the Contact Form Generator plugin 2.0.1 and earlier for WordPress allow remote attackers to hijack the authentication of administrators f…
|
CWE-352
Origin Validation Error
|
CVE-2015-6965
|
2024-11-21 11:35 |
2015-09-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212329
|
- |
|
ciphercoin
|
wp_limit_login_attempts
|
Multiple SQL injection vulnerabilities in the getip function in wp-limit-login-attempts.php in the WP Limit Login Attempts plugin before 2.0.1 for WordPress allow remote attackers to execute arbitrar…
|
CWE-89
SQL Injection
|
CVE-2015-6829
|
2024-11-21 11:35 |
2015-09-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212330
|
- |
|
securemoz
|
security_audit
|
The tweet_info function in class/__functions.php in the SecureMoz Security Audit plugin 1.0.5 and earlier for WordPress does not use an HTTPS session for downloading serialized data, which allows man…
|
CWE-20
Improper Input Validation
|
CVE-2015-6828
|
2024-11-21 11:35 |
2015-09-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
