|
211841
|
6.1 |
MEDIUM
Network
|
typo3
|
typo3
|
The Flvplayer component in TYPO3 6.2.x before 6.2.16 allows remote attackers to embed Flash videos from external domains via unspecified vectors, aka "Cross-Site Flashing."
|
CWE-20
Improper Input Validation
|
CVE-2015-8760
|
2024-11-21 11:39 |
2016-01-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211842
|
5.4 |
MEDIUM
Network
|
typo3
|
typo3
|
Cross-site scripting (XSS) vulnerability in the typoLink function in TYPO3 6.2.x before 6.2.16 and 7.x before 7.6.1 allows remote authenticated editors to inject arbitrary web script or HTML via a li…
|
CWE-79
Cross-site Scripting
|
CVE-2015-8759
|
2024-11-21 11:39 |
2016-01-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211843
|
5.4 |
MEDIUM
Network
|
typo3
|
typo3
|
Multiple cross-site scripting (XSS) vulnerabilities in unspecified frontend components in TYPO3 6.2.x before 6.2.16 and 7.x before 7.6.1 allow remote authenticated editors to inject arbitrary web scr…
|
CWE-79
Cross-site Scripting
|
CVE-2015-8758
|
2024-11-21 11:39 |
2016-01-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211844
|
6.1 |
MEDIUM
Network
|
typo3
|
typo3
|
Cross-site scripting (XSS) vulnerability in the Extension Manager in TYPO3 6.2.x before 6.2.16 and 7.x before 7.6.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vect…
|
CWE-79
Cross-site Scripting
|
CVE-2015-8757
|
2024-11-21 11:39 |
2016-01-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211845
|
5.4 |
MEDIUM
Network
|
typo3
|
typo3
|
Cross-site scripting (XSS) vulnerability in the search result view in the Indexed Search (indexed_search) component in TYPO3 6.2.x before 6.2.16 allows remote authenticated editors to inject arbitrar…
|
CWE-79
Cross-site Scripting
|
CVE-2015-8756
|
2024-11-21 11:39 |
2016-01-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211846
|
5.4 |
MEDIUM
Network
|
typo3
|
typo3
|
Multiple cross-site scripting (XSS) vulnerabilities in unspecified backend components in TYPO3 6.2.x before 6.2.16 and 7.x before 7.6.1 allow remote authenticated editors to inject arbitrary web scri…
|
CWE-79
Cross-site Scripting
|
CVE-2015-8755
|
2024-11-21 11:39 |
2016-01-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211847
|
7.5 |
HIGH
Network
|
acquia
|
mollom
|
The Mollom module 6.x-2.7 before 6.x-2.15 for Drupal allows remote attackers to bypass intended access restrictions and modify the mollom blacklist via unspecified vectors.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-8754
|
2024-11-21 11:39 |
2016-01-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211848
|
9.1 |
CRITICAL
Network
|
sap
|
afaria
|
SAP Afaria 7.0.6001.5 allows remote attackers to bypass authorization checks and wipe or lock mobile devices via a crafted request, related to "Insecure signature," aka SAP Security Note 2134905.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-8753
|
2024-11-21 11:39 |
2016-01-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211849
|
5.5 |
MEDIUM
Local
|
wireshark
|
wireshark
|
The dissect_CPMSetBindings function in epan/dissectors/packet-mswsp.c in the MS-WSP dissector in Wireshark 2.0.x before 2.0.1 does not validate the column size, which allows remote attackers to cause…
|
CWE-20
Improper Input Validation
|
CVE-2015-8742
|
2024-11-21 11:39 |
2016-01-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211850
|
5.5 |
MEDIUM
Local
|
wireshark
|
wireshark
|
The dissect_ppi function in epan/dissectors/packet-ppi.c in the PPI dissector in Wireshark 2.0.x before 2.0.1 does not initialize a packet-header data structure, which allows remote attackers to caus…
|
CWE-20
Improper Input Validation
|
CVE-2015-8741
|
2024-11-21 11:39 |
2016-01-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
