2015-03-06
Medium Risk

Ruby on Rails ActiveModel::Name to_json Call Infinite Loop Remote DoS

Maertin
Medium Risk

Nvidia Mental Ray Satellite Service Arbitrary DLL Injection

Ben Campbell
Medium Risk

WordPress Download Manager 2.7.2 Privilege Escalation

(CVE)
Kacper Szurek
Medium Risk

ProjectSend r561 SQL injection vulnerability

ITAS Team
High Risk

WeBid 1.1.1 Unrestricted File Upload Exploit

CWH Underground
2015-03-05
High Risk

Linux Kernel IRET Instruction #SS Fault Handling Crash PoC

(CVE)
Emeric Nasi
Medium Risk

Linux Kernel PPP-over-L2TP Socket Level Handling Crash PoC

(CVE)
Emeric Nasi
Medium Risk

Linux Kernel Associative Array Garbage Collection Crash PoC

(CVE)
Emeric Nasi
High Risk

HP Data Protector 8.10 Remote Command Execution

(CVE)
Matthew Hall
Low Risk

Netcat CMS 5.5 Cross Site Scripting

Provensec
Low Risk

WordPress Max Banner Ads 1.9 Cross Site Scripting

Wang Jing
Low Risk

WordPress Newsletter 2.6.x / 2.5.x Open Redirect

Wang Jing
Medium Risk

Webshop Hun 1.062S Directory Traversal

Wang Jing
Low Risk

Webshop Hun 1.062S Cross Site Scripting

Wang Jing
Medium Risk

Webshop hun v1.062S /index.php Multiple Parameters SQL

Wang Jing
2015-03-04
Medium Risk

SSL/TLS Vulnerability Explained

(CVE)
digitalmunition
Low Risk

PostgreSQL password hashing

Michael
Medium Risk

Tor Browser 4.0.3 with websockets enabled by default

Pablo
Medium Risk

WordPress Webdorado Spider Event Calendar <= 1.4.9 SQL Injection

(CVE)
Mateusz Lach
Low Risk

BEdita CMS 3.5.1 Cross Site Scripting

Provensec
Medium Risk

Solarwinds Orion Service SQL Injection

(CVE)
volatile-minds
High Risk

PHPMoAdmin Remote Code Execution

@u0x
2015-03-03
Low Risk

GPON Zhone R4.0.2.566b D.O.S.

(CVE)
Kaczinski lramir...
High Risk

Symantec Web Gateway 5 restore.php Command Injection

(CVE)
sinn3r
Low Risk

Piwik Signature Validation

Taylor
Medium Risk

Ubuntu Vivid Upstart Privilege Escalation

halfdog
Low Risk

Slim PHP Framework 2.5.0 Weak Cryptography

Scott Arciszewsk...
Low Risk

ATutor LCMS 2.2 Cross Site Request Forgery

(CVE)
Edric Teo
Medium Risk

ECCMS 1.0 Cross Site Scripting / SQL Injection

R3VANBASTARD
Medium Risk

BEdita CMS 3.5.0 Cross Site Request Forgery / Cross Site Scripting

Edric Teo
High Risk

Swiss File Knife 1.7.4 Buffer Overflow

Vulnerability La...
High Risk

NetCat CMS 3.12 Remote File Inclusion

Wang Jing
Low Risk

Fortimail 5.2.1 Cross Site Scripting

William Costa
Medium Risk

WordPress Calculated Fields Form 1.0.10 SQL Injection

Ibrahim Raafat
Medium Risk

WordPress Photocrati Theme 4.x.x SQL Injection

[ ayastar ]
Last Update: 2015-03-06
2015-03-05
 
CVE-2014-2130
( 6.5/10 )
 
  Cisco Secure access control system
Cisco Secure Access Control Server (ACS) provides an unintentional administration web interface based on Apache Tomcat, which allows remote authenticated users to modify application files and configuration files, and consequently execute arbitrary co...
 
CVE-2014-9688
( 7.5/10 )
 
  Ninjaforms Ninja forms
Unspecified vulnerability in the Ninja Forms plugin before 2.8.10 for WordPress has unknown impact and remote attack vectors related to admin users.
 
CVE-2015-2214
( 5/10 )
 
  Netcat Netcat
NetCat 5.01 and earlier allows remote attackers to obtain the installation path via the redirect_url parameter to netshop/post.php.
 
CVE-2015-2215
( 5.8/10 )
 
  Services single sign-on server helpe... Services single sign-on server...
Open redirect vulnerability in the Services single sign-on server helper (services_sso_server_helper) module for Drupal allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified parameters.
 
CVE-2015-2216
( 7.5/10 )
 
  Photocati media Photocrati
SQL injection vulnerability in ecomm-sizes.php in the Photocrati theme 4.x for WordPress allows remote attackers to execute arbitrary SQL commands via the prod_id parameter.
 
CVE-2015-2218
( 4.3/10 )
 
  Magic hills Wonderplugin audio player
Multiple cross-site scripting (XSS) vulnerabilities in the wp_ajax_save_item function in wonderpluginaudio.php in the WonderPlugin Audio Player plugin before 2.1 for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) ...
 
CVE-2015-2220
( 4.3/10 )
 
  Ninjaforms Ninja forms
Multiple cross-site scripting (XSS) vulnerabilities in the Ninja Forms plugin before 2.8.9 for WordPress allow (1) remote attackers to inject arbitrary web script or HTML via the ninja_forms_field_1 parameter in a ninja_forms_ajax_submit action to wp...
 
CVE-2015-0598
( 6.8/10 )
 
  Cisco IOS
The RADIUS implementation in Cisco IOS and IOS XE allows remote attackers to cause a denial of service (device reload) via crafted IPv6 Attributes in Access-Accept packets, aka Bug IDs CSCur84322 and CSCur27693.
 
CVE-2015-0607
( 4.3/10 )
 
  Cisco IOS
The Authentication Proxy feature in Cisco IOS does not properly handle invalid AAA return codes from RADIUS and TACACS+ servers, which allows remote attackers to bypass authentication in opportunistic circumstances via a connection attempt that trigg...
 
CVE-2015-0657
( 5/10 )
 
  Cisco Ios xr
Cisco IOS XR allows remote attackers to cause a denial of service (RSVP process reload) via a malformed RSVP packet, aka Bug ID CSCur69192.
 
CVE-2015-0659
( 5/10 )
 
  Cisco IOS
The Autonomic Networking Infrastructure (ANI) implementation in Cisco IOS allows remote attackers to trigger self-referential adjacencies via a crafted Autonomic Networking (AN) message, aka Bug ID CSCup62157.
 
CVE-2015-0661
( 4/10 )
 
  Cisco Ios xr
The SNMPv2 implementation in Cisco IOS XR allows remote authenticated users to cause a denial of service (snmpd daemon reload) via a malformed SNMP packet, aka Bug ID CSCur25858.
 
CVE-2015-1483
( 10/10 )
 
  Symantec Netbackup opscenter
Symantec NetBackup OpsCenter 7.6.0.2 through 7.6.1 on Linux and UNIX allows remote attackers to execute arbitrary JavaScript code via unspecified vectors.
2015-03-04
 
CVE-2014-8617
( 4.3/10 )
 
  Fortinet Fortimail
Cross-site scripting (XSS) vulnerability in the Web Action Quarantine Release feature in the WebGUI in Fortinet FortiMail before 4.3.9, 5.0.x before 5.0.8, 5.1.x before 5.1.5, and 5.2.x before 5.2.3 allows remote attackers to inject arbitrary web scr...
 
CVE-2015-2209
( 5/10 )
 
  Dlguard Dlguard
DLGuard 4.5 allows remote attackers to obtain the installation path via the c parameter to index.php.
 
CVE-2015-0891
( 4.3/10 )
 
  TISA Maroyaka simple board
Cross-site scripting (XSS) vulnerability in Maroyaka CGI Maroyaka Simple Board allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
 
CVE-2015-0892
( 4.3/10 )
 
  TISA Maroyaka image album
Cross-site scripting (XSS) vulnerability in Maroyaka CGI Maroyaka Image Album allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
 
CVE-2015-0893
( 4.3/10 )
 
  TISA Maroyaka relay novel
Cross-site scripting (XSS) vulnerability in Maroyaka CGI Maroyaka Relay Novel allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
2015-03-03
 
CVE-2014-7896
( 4.3/10 )
 
  HP Xp7 global link manager softwa...
Multiple cross-site scripting (XSS) vulnerabilities in HP XP P9000 Command View Advanced Edition Software Online Help, as used in HP Device Manager 6.x through 8.x before 8.1.2-00, HP XP P9000 Tiered Storage Manager 6.x through 8.x before 8.1.2-00, H...
 
CVE-2014-9283
( 5/10 )
 
  Bestwebsoft Captcha
The BestWebSoft Captcha plugin before 4.0.7 for WordPress allows remote attackers to bypass the CAPTCHA protection mechanism and obtain administrative access via unspecified vectors.
Copyright 2015, cxsecurity.com