Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

hyp3rlinx vulnerabilities and exploits

(subscribe to this query)
NA
CVE-2015-8037
Multiple cross-site scripting (XSS) vulnerabilities in the Graphical User Interface (GUI) in Fortinet FortiManager prior to 5.2.4 allow remote malicious users to inject arbitrary web script or HTML via the (1) SOMVpnSSLPortalDialog or (2) FGDMngUpdHistory.
Fortinet Fortimanager Firmware
NA
CVE-2015-8038
Multiple cross-site scripting (XSS) vulnerabilities in the Graphical User Interface (GUI) in Fortinet FortiManager prior to 5.2.4 allow remote malicious users to inject arbitrary web script or HTML via the (1) sharedjobmanager or (2) SOMServiceObjDialog.
Fortinet Fortimanager Firmware
8.8
CVSSv3
CVE-2015-7293
Multiple cross-site request forgery (CSRF) vulnerabilities in Zope Management Interface 4.3.7 and previous versions, and Plone prior to 5.x.
Plone Plone 4.3.11Plone Plone 4.3.10Plone Plone 4.3.9Plone Plone 4.3.8Plone Plone 4.2.2Plone Plone 4.2.1Plone Plone 4.2Plone Plone 4.1.6Plone Plone 4.0.3Plone Plone 4.0.2Plone Plone 4.0.1Plone Plone 4.0Plone Plone 4.3.3Plone Plone 4.3.2Plone Plone 4.3.1Plone Plone 4.3Plone Plone 4.1.1Plone Plone 4.1Plone Plone 4.0.10Plone Plone 4.0.9Plone Plone 3.3.1Plone Plone 3.3
9.8
CVSSv3
CVE-2015-7346
SQL injection vulnerability in ZCMS 1.1.
Zcms Project Zcms 1.1
4.8
CVSSv3
CVE-2015-7347
Cross-site scripting (XSS) vulnerability in ZCMS JavaServer Pages Content Management System 1.1.
Zcms Project Zcms 1.1
NA
CVE-2015-7707
Ignite Realtime Openfire 3.10.2 allows remote authenticated users to gain administrator access via the isadmin parameter to user-edit-form.jsp.
Igniterealtime Openfire 3.10.2
NA
CVE-2015-6944
Cross-site request forgery (CSRF) vulnerability in JSP/MySQL Administrador Web 1 allows remote malicious users to hijack the authentication of users for requests that execute arbitrary SQL commands via the cmd parameter to sys/sys/listaBD2.jsp.
Jsp\\/mysql Administrador Web Project Jsp\\/mysql Administrador Web 1.0
NA
CVE-2015-6945
Cross-site scripting (XSS) vulnerability in JSP/MySQL Administrador Web 1 allows remote malicious users to inject arbitrary web script or HTML via the bd parameter to sys/sys/listaBD2.jsp.
Jsp\\/mysql Administrador Web Project Jsp\\/mysql Administrador Web 1.0
NA
CVE-2015-6972
Multiple cross-site scripting (XSS) vulnerabilities in Ignite Realtime Openfire 3.10.2 allow remote malicious users to inject arbitrary web script or HTML via the (1) groupchatName parameter to plugins/clientcontrol/create-bookmark.jsp; the (2) urlName parameter to plugins/client...
Igniterealtime Openfire 3.10.2
NA
CVE-2015-6973
Multiple cross-site request forgery (CSRF) vulnerabilities in Ignite Realtime Openfire 3.10.2 allow remote malicious users to hijack the authentication of administrators for requests that (1) change a password via a crafted request to user-password.jsp, (2) add users via a crafte...
Igniterealtime Openfire 3.10.2
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322cross-site request forgeryunauthorizedCVE-2024-33925reflected XSSCVE-2023-51580CVE-2023-51579CVE-2015-2051CVE-2023-51609
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook