Export limit exceeded: 365299 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (365299 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2015-0902 1 Semperfiwebdesign 1 All In One Seo Pack 2025-04-12 N/A
The Semper Fi All in One SEO Pack plugin before 2.2.6 for WordPress does not consider the presence of password protection during generation of the Meta Description field, which allows remote attackers to obtain sensitive information by reading HTML source code.
CVE-2015-0903 1 Hidemaru 1 Editor 2025-04-12 N/A
Buffer overflow in Saitoh Kikaku Maruo Editor 8.51 and earlier allows remote attackers to execute arbitrary code via a crafted .hmbook file.
CVE-2015-0905 1 Bblog Project 1 Bblog 2025-04-12 N/A
Cross-site request forgery (CSRF) vulnerability in bBlog allows remote attackers to hijack the authentication of arbitrary users.
CVE-2015-0906 1 Lhaplus 1 Lhaplus 2025-04-12 N/A
Directory traversal vulnerability in Lhaplus before 1.70 allows remote attackers to write to arbitrary files via a crafted archive.
CVE-2015-0907 1 Lhaplus 1 Lhaplus 2025-04-12 N/A
Buffer overflow in Lhaplus before 1.70 allows remote attackers to execute arbitrary code via a crafted archive.
CVE-2015-0901 1 Flashy Project 1 Flashy 2025-04-12 N/A
Cross-site scripting (XSS) vulnerability in the duwasai flashy theme 1.3 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2015-0910 1 Dounokouno 1 Transmitmail 2025-04-12 N/A
Cross-site scripting (XSS) vulnerability in TAGAWA Takao TransmitMail 1.0.11 through 1.5.8 allows remote attackers to inject arbitrary web script or HTML via a crafted filename.
CVE-2015-0911 1 Dounokouno 1 Transmitmail 2025-04-12 N/A
Directory traversal vulnerability in TAGAWA Takao TransmitMail 1.0.11 through 1.5.8 allows remote attackers to read arbitrary files via vectors related to attachment handling.
CVE-2015-0912 1 Kozos 1 Easyctf 2025-04-12 N/A
EasyCTF before 1.4 allows remote authenticated users to write executable content to files via unspecified vectors.
CVE-2015-0913 1 Kozos 1 Easyctf 2025-04-12 N/A
Cross-site scripting (XSS) vulnerability in EasyCTF before 1.4 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
CVE-2015-0914 1 Kozos 1 Easyctf 2025-04-12 N/A
EasyCTF before 1.4 does not validate the session ID, which allows remote attackers to obtain access via a crafted HTTP request.
CVE-2015-0915 1 Rakus 1 Maildealer 2025-04-12 N/A
Cross-site scripting (XSS) vulnerability in RAKUS MailDealer 11.2.1 and earlier allows remote attackers to inject arbitrary web script or HTML via a crafted attachment filename.
CVE-2015-0916 1 Cacti 1 Cacti 2025-04-12 N/A
SQL injection vulnerability in graph.php in Cacti before 0.8.6f allows remote authenticated users to execute arbitrary SQL commands via the local_graph_id parameter, a different vulnerability than CVE-2007-6035.
CVE-2015-0917 1 Kajona 1 Kajona 2025-04-12 N/A
Cross-site scripting (XSS) vulnerability in the backend in Kajona before 4.6.3 allows remote attackers to inject arbitrary web script or HTML via the action parameter to index.php.
CVE-2015-0918 1 Sefrengo 1 Sefrengo 2025-04-12 N/A
Cross-site scripting (XSS) vulnerability in the administrative backend in Sefrengo before 1.6.1 allows remote attackers to inject arbitrary web script or HTML via the searchterm parameter to backend/main.php.
CVE-2015-0919 1 Sefrengo 1 Sefrengo 2025-04-12 N/A
Multiple SQL injection vulnerabilities in the administrative backend in Sefrengo before 1.6.1 allow remote administrators to execute arbitrary SQL commands via the (1) idcat or (2) idclient parameter to backend/main.php.
CVE-2015-0920 1 Banner Effect Header Project 1 Banner Effect Header 2025-04-12 N/A
Cross-site request forgery (CSRF) vulnerability in the Banner Effect Header plugin 1.2.6 for WordPress allows remote attackers to hijack the authentication of administrators for requests that conduct cross-site scripting (XSS) attacks via the banner_effect_email parameter in the BannerEffectOptions page to wp-admin/options-general.php.
CVE-2015-0921 1 Mcafee 1 Epolicy Orchestrator 2025-04-12 N/A
XML external entity (XXE) vulnerability in the Server Task Log in McAfee ePolicy Orchestrator (ePO) before 4.6.9 and 5.x before 5.1.2 allows remote authenticated users to read arbitrary files via the conditionXML parameter to the taskLogTable to orionUpdateTableFilter.do.
CVE-2015-0922 1 Mcafee 1 Epolicy Orchestrator 2025-04-12 N/A
McAfee ePolicy Orchestrator (ePO) before 4.6.9 and 5.x before 5.1.2 uses the same secret key across different customers' installations, which allows attackers to obtain the administrator password by leveraging knowledge of the encrypted password.
CVE-2015-0923 1 Ektron 1 Ektron Content Management System 2025-04-12 N/A
The ContentBlockEx method in Workarea/ServerControlWS.asmx in Ektron Content Management System (CMS) 8.5 and 8.7 before 8.7sp2 and 9.0 before sp1 allows remote attackers to read arbitrary files via an external entity declaration in conjunction with an entity reference within an XML document named in the xslt parameter, related to an XML External Entity (XXE) issue.