U.S. Flag Official website of the Department of Homeland Security
TLP:WHITE

Bulletin (SB15-173)

Vulnerability Summary for the Week of June 15, 2015

Original release date: June 22, 2015

The US-CERT Cyber Security Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. The NVD is sponsored by the Department of Homeland Security (DHS) National Cybersecurity and Communications Integration Center (NCCIC) / United States Computer Emergency Readiness Team (US-CERT). For modified or updated entries, please visit the NVD, which contains historical vulnerability information.

The vulnerabilities are based on the CVE vulnerability naming standard and are organized according to severity, determined by the Common Vulnerability Scoring System (CVSS) standard. The division of high, medium, and low severities correspond to the following scores:

  • High - Vulnerabilities will be labeled High severity if they have a CVSS base score of 7.0 - 10.0

  • Medium - Vulnerabilities will be labeled Medium severity if they have a CVSS base score of 4.0 - 6.9

  • Low - Vulnerabilities will be labeled Low severity if they have a CVSS base score of 0.0 - 3.9

Entries may include additional information provided by organizations and efforts sponsored by US-CERT. This information may include identifying information, values, definitions, and related links. Patch information is provided when available. Please note that some of the information in the bulletins is compiled from external, open source reports and is not a direct result of US-CERT analysis.

High Vulnerabilities

Primary
Vendor -- Product
DescriptionPublishedCVSS ScoreSource & Patch Info
cacti -- cactiSQL injection vulnerability in Cacti before 0.8.8d allows remote attackers to execute arbitrary SQL commands via unspecified vectors involving a cdef id.2015-06-177.5CVE-2015-4342
CONFIRM
FULLDISC
MISC
CONFIRM
cacti -- cactiSQL injection vulnerability in the get_hash_graph_template function in lib/functions.php in Cacti before 0.8.8d allows remote attackers to execute arbitrary SQL commands via the graph_template_id parameter to graph_templates.php.2015-06-177.5CVE-2015-4454
CONFIRM
CONFIRM
cgi_rescue -- blobeeCGI RESCUE BloBee 1.20 and earlier allows remote attackers to write to arbitrary files, and consequently execute arbitrary code, via unspecified vectors.2015-06-137.5CVE-2015-2962
JVNDB
JVN
cisco -- ios_xr_softwareCisco IOS XR 4.0.1 through 4.2.0 for CRS-3 Carrier Routing System allows remote attackers to cause a denial of service (NPU ASIC scan and line-card reload) via crafted IPv6 extension headers, aka Bug ID CSCtx03546.2015-06-127.8CVE-2015-0769
CISCO
cisco -- telepresence_video_communication_server_softwareCisco TelePresence Video Communication Server (VCS) X8.5RC4 allows remote attackers to cause a denial of service (CPU consumption or device outage) via a crafted SDP parameter-negotiation request in an SDP session during a SIP connection, aka Bug ID CSCut42422.2015-06-127.1CVE-2015-0772
CISCO
cisco -- unified_computing_systemCisco UCS Central Software 1.2(1a) allows local users to gain privileges for OS command execution via a crafted CLI parameter, aka Bug ID CSCut32795.2015-06-177.2CVE-2015-4183
CISCO
cisco -- virtualization_experience_client_6000_series_firmwareThe diagnostics subsystem in the administrative web interface on Cisco Virtualization Experience (aka VXC) Client 6215 devices with firmware 11.2(27.4) allows local users to gain privileges for OS command execution via a crafted option value, aka Bug ID CSCug54412.2015-06-177.2CVE-2015-4186
CISCO
emc -- unified_infrastructure_manager/provisioningEMC Unified Infrastructure Manager/Provisioning (UIM/P) 4.1 allows remote attackers to bypass LDAP authentication by providing a valid account name.2015-06-1710.0CVE-2015-0546
BUGTRAQ
frontend_user_upload_project -- frontend_user_uploadUnrestricted file upload vulnerability in the Frontend User Upload (feupload) extension 0.5.0 and earlier for TYPO3 allows remote attackers to execute arbitrary code by uploading a file with an executable extension using a frontend form, then accessing it via a direct request to the file in the fileadmin folder.2015-06-167.5CVE-2015-4607
MISC
igreks -- milkystep_lightIgreks MilkyStep Light 0.94 and earlier and Professional 1.82 and earlier allows remote attackers to execute arbitrary OS commands via unspecified vectors.2015-06-137.5CVE-2015-2955
JVNDB
JVN
CONFIRM
igreks -- milkystep_lightSQL injection vulnerability in Igreks MilkyStep Light 0.94 and earlier and Professional 1.82 and earlier allows remote attackers to execute arbitrary SQL commands via unspecified vectors.2015-06-137.5CVE-2015-2956
JVNDB
JVN
CONFIRM
job_fair_project -- job_fairUnrestricted file upload vulnerability in the Job Fair (jobfair) extension before 1.0.1 for TYPO3, when using Apache with mod_mime, allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in the extension upload folder.2015-06-167.5CVE-2015-4606
CONFIRM
MISC
joomla -- joomla!SQL injection vulnerability in the EQ Event Calendar component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter to eqfullevent.2015-06-187.5CVE-2015-4654
MISC
libmimedir_project -- libmimedirlibmimedir allows remote attackers to execute arbitrary code via a VCF file with two NULL bytes at the end of the file, related to "free" function calls in the "lexer's memory clean-up procedure."2015-06-167.5CVE-2015-3205
EXPLOIT-DB
MISC
milw0rm_project -- milw0rm_clone_scriptMultiple SQL injection vulnerabilities in admin/login.php in Milw0rm Clone Script 1.0 allow remote attackers to execute arbitrary SQL commands via the (1) usr or (2) pwd parameter.2015-06-187.5CVE-2015-4658
EXPLOIT-DB
n-tron -- 702w_industrial_wireless_access_pointN-Tron 702-W Industrial Wireless Access Point devices use the same (1) SSH and (2) HTTPS private keys across different customers' installations, which makes it easier for remote attackers to defeat cryptographic protection mechanisms by leveraging knowledge of a key.2015-06-138.8CVE-2012-4716
MISC
openssl -- opensslThe dtls1_clear_queues function in ssl/d1_lib.c in OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h frees data structures without considering that application data can arrive between a ChangeCipherSpec message and a Finished message, which allows remote DTLS peers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via unexpected application data.2015-06-127.5CVE-2014-8176
CONFIRM
CONFIRM
CONFIRM
qemu -- qemuHeap-based buffer overflow in the PCNET controller in QEMU allows remote attackers to execute arbitrary code by sending a packet with TXSTATUS_STARTPACKET set and then a crafted packet with TXSTATUS_DEVICEOWNS set.2015-06-157.5CVE-2015-3209
CONFIRM
vmware -- fusionVMware Workstation 10.x before 10.0.5, VMware Player 6.x before 6.0.6, and VMware Fusion 6.x before 6.0.6 and 7.x before 7.0.1 allow attackers to cause a denial of service against a 32-bit guest OS or 64-bit host OS via a crafted RPC command.2015-06-137.8CVE-2015-2341
CONFIRM
Back to top

Medium Vulnerabilities

Primary
Vendor -- Product
DescriptionPublishedCVSS ScoreSource & Patch Info
actian -- matrixActian Matrix 5.1.x through 5.1.2.4 and 5.2.x through 5.2.0.1 allows remote authenticated users to bypass intended write-access restrictions and execute an UPDATE statement by referencing a table.2015-06-136.5CVE-2015-3993
CONFIRM
adobe -- connectCross-site scripting (XSS) vulnerability in admin/home/homepage/search in the web app in Adobe Connect before 9.4 allows remote attackers to inject arbitrary web script or HTML via the query parameter.2015-06-134.3CVE-2015-0343
CONFIRM
BUGTRAQ
adobe -- connectCross-site scripting (XSS) vulnerability in the web app in Adobe Connect before 9.4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.2015-06-134.3CVE-2015-0344
CONFIRM
akronymmanager_project -- akronymmanagerSQL injection vulnerability in mod1/index.php in the Akronymmanager (sb_akronymmanager) extension before 7.0.0 for TYPO3 allows remote authenticated users with permission to maintain acronyms to execute arbitrary SQL commands via the id parameter.2015-06-176.0CVE-2015-2803
CONFIRM
MISC
EXPLOIT-DB
BUGTRAQ
FULLDISC
MISC
alcatel-lucent -- omniswitch_firmwareThe management web interface in Alcatel-Lucent OmniSwitch 6450, 6250, 6850E, 9000E, 6400, and 6855 with firmware before 6.6.4.309.R01 and 6.6.5.x before 6.6.5.80.R02 generates weak session identifiers, which allows remote attackers to hijack session via a brute force attack.2015-06-164.3CVE-2015-2804
MISC
BUGTRAQ
FULLDISC
MISC
alcatel-lucent -- omniswitch_firmwareCross-site request forgery (CSRF) vulnerability in sec/content/sec_asa_users_local_db_add.html in the management web interface in Alcatel-Lucent OmniSwitch 6450, 6250, 6850E, 9000E, 6400, 6855, 6900, 10K, and 6860 with firmware 6.4.5.R02, 6.4.6.R01, 6.6.4.R01, 6.6.5.R02, 7.3.2.R01, 7.3.3.R01, 7.3.4.R01, and 8.1.1.R01 allows remote attackers to hijack the authentication of administrators for requests that create users via a crafted request.2015-06-166.8CVE-2015-2805
MISC
EXPLOIT-DB
SECTRACK
BUGTRAQ
FULLDISC
MISC
alcatel-lucent -- cellpipe_7130_router_firmwareCross-site scripting (XSS) vulnerability in the Alcatel-Lucent CellPipe 7130 router with firmware 1.0.0.20h.HOL allows remote attackers to inject arbitrary web script or HTML via the "Custom application" field in the "port triggering" menu.2015-06-184.3CVE-2015-4587
MISC
automattic -- genericonsCross-site scripting (XSS) vulnerability in example.html in Genericons before 3.3.1, as used in WordPress before 4.2.2, allows remote attackers to inject arbitrary web script or HTML via a fragment identifier.2015-06-174.3CVE-2015-3429
MISC
MISC
CONFIRM
CONFIRM
FULLDISC
bonitasoft -- bonita_bpm_portalDirectory traversal vulnerability in Bonita BPM Portal before 6.5.3 allows remote attackers to read arbitrary files via a .. (dot dot) in the theme parameter and a file path in the location parameter to bonita/portal/themeResource.2015-06-185.0CVE-2015-3897
MISC
BUGTRAQ
MISC
ca -- client_automationCA Common Services, as used in CA Client Automation r12.5 SP01, r12.8, and r12.9; CA Network and Systems Management r11.0, r11.1, and r11.2; CA NSM Job Management Option r11.0, r11.1, and r11.2; CA Universal Job Management Agent; CA Virtual Assurance for Infrastructure Managers (aka SystemEDGE) 12.6, 12.7, 12.8, and 12.9; and CA Workload Automation AE r11, r11.3, r11.3.5, and r11.3.6 on UNIX, allows local users to gain privileges via an unspecified environment variable.2015-06-174.6CVE-2015-3316
CONFIRM
ca -- client_automationCA Common Services, as used in CA Client Automation r12.5 SP01, r12.8, and r12.9; CA Network and Systems Management r11.0, r11.1, and r11.2; CA NSM Job Management Option r11.0, r11.1, and r11.2; CA Universal Job Management Agent; CA Virtual Assurance for Infrastructure Managers (aka SystemEDGE) 12.6, 12.7, 12.8, and 12.9; and CA Workload Automation AE r11, r11.3, r11.3.5, and r11.3.6 on UNIX, does not properly perform bounds checking, which allows local users to gain privileges via unspecified vectors.2015-06-174.6CVE-2015-3317
CONFIRM
ca -- client_automationCA Common Services, as used in CA Client Automation r12.5 SP01, r12.8, and r12.9; CA Network and Systems Management r11.0, r11.1, and r11.2; CA NSM Job Management Option r11.0, r11.1, and r11.2; CA Universal Job Management Agent; CA Virtual Assurance for Infrastructure Managers (aka SystemEDGE) 12.6, 12.7, 12.8, and 12.9; and CA Workload Automation AE r11, r11.3, r11.3.5, and r11.3.6 on UNIX, does not properly validate an unspecified variable, which allows local users to gain privileges via unknown vectors.2015-06-174.6CVE-2015-3318
CONFIRM
cacti -- cactiCross-site scripting (XSS) vulnerability in Cacti before 0.8.8d allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.2015-06-174.3CVE-2015-2665
MISC
CONFIRM
campaign_monitor_project -- campaign_monitorMultiple cross-site request forgery (CSRF) vulnerabilities in includes/campaignmonitor_lists.admin.inc in the Campaign Monitor module 7.x-1.0 for Drupal allow remote attackers to hijack the authentication of users for requests that (1) enable list subscriptions via a request to admin/config/services/campaignmonitor/lists/%/enable or (2) disable list subscriptions via a request to admin/config/services/campaignmonitor/lists/%/disable.2015-06-156.8CVE-2015-4364
CONFIRM
MISC
CONFIRM
MLIST
chaos_tool_suite_project -- ctoolsThe Chaos tool suite (ctools) module 7.x-1.x before 7.x-1.7 for Drupal allows remote attackers to obtain sensitive node titles via (1) an autocomplete search on custom entities without an access query tag or (2) leveraging knowledge of the ID of an entity.2015-06-154.3CVE-2015-4375
MISC
CONFIRM
MLIST
MLIST
chaos_tool_suite_project -- ctoolsOpen redirect vulnerability in the Chaos tool suite (ctools) module before 6.x-1.12 and 7.x-1.x before 7.x-1.7 for Drupal allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors involving processing confirmation delete pages.2015-06-165.8CVE-2015-4398
MISC
CONFIRM
CONFIRM
BID
MLIST
MLIST
cisco -- prime_network_control_systemThe Device Work Center (DWC) component in Cisco Prime Network Control System (NCS) 2.1(0.0.85), 2.2(0.0.58), and 2.2(0.0.69) does not properly implement AAA roles, which allows remote authenticated users to bypass intended access restrictions and execute commands via a login session, aka Bug ID CSCur27371.2015-06-126.5CVE-2015-0768
CISCO
cisco -- nexus_1000vThe banner (aka MOTD) implementation in Cisco NX-OS 4.1(2)E1(1f) on Nexus 4000 devices, 5.2(1)SV3(2.1) on Nexus 1000V devices, 6.0(2)N2(2) on Nexus 5000 devices, 6.2(11) on MDS 9000 devices, 6.2(12) on Nexus 7000 devices, 7.0(3) on Nexus 9000 devices, and 7.2(0)ZN(99.67) on Nexus 3000 devices allows remote attackers to cause a denial of service (login process reset) via an unspecified terminal-session request during TELNET session setup, aka Bug IDs CSCuo10554, CSCuu75466, CSCuu75471, CSCuu75484, CSCuu75498, CSCuu77170, and CSCuu77182.2015-06-125.0CVE-2015-0775
CISCO
cisco -- ios_xrtelnetd in Cisco IOS XR 5.0.1 on Network Convergence System 6000 devices allows remote attackers to cause a denial of service (device reload) via a malformed TELNET packet, aka Bug ID CSCuq31566.2015-06-125.0CVE-2015-0776
CISCO
cisco -- identity_services_engine_softwareThe administrative web interface in Cisco Identity Services Engine (ISE) before 1.3 allows remote authenticated users to bypass intended access restrictions, and obtain sensitive information or change settings, via unspecified vectors, aka Bug ID CSCui72087.2015-06-125.5CVE-2015-4182
CISCO
cisco -- email_security_applianceThe anti-spam scanner on Cisco Email Security Appliance (ESA) devices 3.3.1-09, 7.5.1-gpl-022, and 8.5.6-074 allows remote attackers to bypass intended e-mail restrictions via a malformed DNS SPF record, aka Bug IDs CSCuu35853 and CSCuu37733.2015-06-135.0CVE-2015-4184
CISCO
cisco -- iosThe TCL interpreter in Cisco IOS 15.2 does not properly maintain the vty state, which allows local users to gain privileges by starting a session very soon after a TCL script execution, aka Bug ID CSCuq24202.2015-06-136.9CVE-2015-4185
CISCO
cisco -- prime_collaborationSQL injection vulnerability in the Manager interface in Cisco Prime Collaboration 10.5(1) allows remote attackers to execute arbitrary SQL commands via a crafted URL, aka Bug IDs CSCuu29910, CSCuu29928, and CSCuu59104.2015-06-175.0CVE-2015-4188
CISCO
cisco -- prime_service_catalogCisco Cloud Portal in Cisco Prime Service Catalog 9.4.1_vortex on Cloud Portal appliances allows man-in-the-middle attackers to modify data via unspecified vectors, aka Bug ID CSCuh19683.2015-06-174.3CVE-2015-4190
CISCO
cisco -- ios_xrCisco IOS XR 5.2.1 allows remote attackers to cause a denial of service (ipv6_io service reload) via a malformed IPv6 packet, aka Bug ID CSCuq95565.2015-06-185.0CVE-2015-4191
CISCO
cisco -- webex_meeting_centerThe web-based administrative interface in Cisco WebEx Meeting Center provides different error messages for failed login attempts depending on whether the username exists or corresponds to a privileged account, which allows remote attackers to enumerate account names and obtain sensitive information via a series of requests, aka Bug ID CSCuf28861.2015-06-185.0CVE-2015-4194
CISCO
cisco -- ios_xrCisco IOS XR 5.1.1.K9SEC allows remote authenticated users to cause a denial of service (vty error, and SSH and TELNET outage) via a crafted disconnect action within an SSH session, aka Bug ID CSCul63127.2015-06-184.0CVE-2015-4195
CISCO
cisco -- adaptive_security_appliance_softwareThe Cavium cryptographic-module firmware on Cisco Adaptive Security Appliance (ASA) devices with software 9.3(3) and 9.4(1.1) does not verify the AES-GCM Integrity Check Value (ICV) octets, which makes it easier for man-in-the-middle attackers to spoof IPSec and IKEv2 traffic by modifying packet data, aka Bug ID CSCuu66218.2015-06-174.3CVE-2015-4550
CISCO
civicrm -- civicrm_private_reportCross-site request forgery (CSRF) vulnerability in the CiviCRM private report module 6.x-1.x before 6.x-1.2 and 7.x-1.x before 7.x-1.3 for Drupal allows remote attackers to hijack the authentication of users for requests that delete reports via unspecified vectors.2015-06-156.8CVE-2015-4391
MISC
CONFIRM
CONFIRM
MLIST
commerce_ogone_project -- commerce_ogoneThe Commerce Ogone module 7.x-1.x before 7.x-1.5 for Drupal allows remote attackers to complete the checkout for an order without paying via unspecified vectors.2015-06-155.0CVE-2015-4368
CONFIRM
MISC
MLIST
decisions_project -- decisionsCross-site request forgery (CSRF) vulnerability in the Decisions module for Drupal allows remote attackers to hijack the authentication of arbitrary users for requests that remove individual voters via unspecified vectors.2015-06-156.8CVE-2015-4383
MISC
MLIST
developer_log_project -- developer_logSQL injection vulnerability in the backend module in the Developer Log (devlog) extension before 2.11.4 for TYPO3 allows remote editors to execute arbitrary SQL commands via unspecified vectors.2015-06-166.5CVE-2015-4613
CONFIRM
MISC
elasticsearch -- kibanaCross-site scripting (XSS) vulnerability in Elasticsearch Kibana 4.x before 4.0.3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.2015-06-154.3CVE-2015-4093
CONFIRM
BUGTRAQ
MISC
elasticsearch -- logstashDirectory traversal vulnerability in the file output plugin in Elasticsearch Logstash before 1.4.3 allows remote attackers to write to arbitrary files via vectors related to dynamic field references in the path option.2015-06-156.4CVE-2015-4152
CONFIRM
CONFIRM
BUGTRAQ
MISC
eliacom -- enhanced_sql_portalCross-site scripting (XSS) vulnerability in Enhanced SQL Portal 5.0.7961 allows remote attackers to inject arbitrary web script or HTML via the id parameter to iframe.php.2015-06-184.3CVE-2015-4660
BUGTRAQ
MISC
entitybulkdelete_project -- entitybulkdeleteMultiple cross-site scripting (XSS) vulnerabilities in unspecified administration pages in the EntityBulkDelete module 7.x-1.0 for Drupal allow remote attackers to inject arbitrary web script or HTML via unknown vectors involving creating or editing (1) comments, (2) taxonomy terms, or (3) nodes.2015-06-154.3CVE-2015-4386
MISC
CONFIRM
MLIST
faq-frequenty_asked_questions_project -- faq-frequently_asked_questionsSQL injection vulnerability in the "FAQ - Frequently Asked Questions" (js_faq) extension before 1.2.1 for TYPO3 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors.2015-06-166.5CVE-2015-4612
CONFIRM
MISC
ffmpeg -- ffmpegThe msrle_decode_pal4 function in msrledec.c in Libav before 10.7 and 11.x before 11.4 and FFmpeg before 2.0.7, 2.2.x before 2.2.15, 2.4.x before 2.4.8, 2.5.x before 2.5.6, and 2.6.x before 2.6.2 allows remote attackers to have unspecified impact via a crafted image, related to a pixel pointer, which triggers an out-of-bounds array access.2015-06-166.8CVE-2015-3395
CONFIRM
CONFIRM
DEBIAN
CONFIRM
finder_project -- finderOpen redirect vulnerability in the finder_form_goto function in the Finder module for Drupal allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.2015-06-155.8CVE-2015-4363
MISC
MLIST
igreks -- milkystep_lightThe user-information management functionality in Igreks MilkyStep Light 0.94 and earlier and Professional 1.82 and earlier allows remote authenticated users to bypass intended access restrictions and modify administrative credentials via unspecified vectors, a different vulnerability than CVE-2015-2953 and CVE-2015-2958.2015-06-136.5CVE-2015-2952
JVNDB
JVN
CONFIRM
igreks -- milkystep_lightIgreks MilkyStep Light 0.94 and earlier and Professional 1.82 and earlier allows remote attackers to bypass intended access restrictions and read files via unspecified vectors, a different vulnerability than CVE-2015-2952 and CVE-2015-2958.2015-06-135.0CVE-2015-2953
JVNDB
JVN
CONFIRM
igreks -- milkystep_lightCross-site request forgery (CSRF) vulnerability in Igreks MilkyStep Light 0.94 and earlier and Professional 1.82 and earlier allows remote attackers to hijack the authentication of arbitrary users.2015-06-136.8CVE-2015-2954
JVNDB
JVN
CONFIRM
igreks -- milkystep_lightCross-site scripting (XSS) vulnerability in Igreks MilkyStep Light 0.94 and earlier and Professional 1.82 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.2015-06-134.3CVE-2015-2957
JVNDB
JVN
CONFIRM
igreks -- milkystep_lightIgreks MilkyStep Light 0.94 and earlier and Professional 1.82 and earlier allows remote attackers to bypass intended access restrictions and modify settings via unspecified vectors, a different vulnerability than CVE-2015-2952 and CVE-2015-2953.2015-06-136.4CVE-2015-2958
JVNDB
JVN
CONFIRM
inlinks_project -- inlinksCross-site scripting (XSS) vulnerability in the inLinks Integration module for Drupal allows remote attackers to inject arbitrary web script or HTML via unspecified path arguments.2015-06-154.3CVE-2015-4347
MISC
MLIST
invoice_project -- invoiceMultiple cross-site request forgery (CSRF) vulnerabilities in the Invoice module 6.x-1.x before 6.x-1.2 and 7.x-1.x before 7.x-1.3 for Drupal allow remote attackers to hijack the authentication of arbitrary users for requests that (1) create, (2) delete, or (3) alter invoices via unspecified vectors.2015-06-156.8CVE-2015-4382
CONFIRM
CONFIRM
MISC
MLIST
ispconfig -- ispconfigSQL injection vulnerability in monitor/show_sys_state.php in ISPConfig before 3.0.5.4p7 allows remote authenticated users with monitor permissions to execute arbitrary SQL commands via the server parameter. NOTE: this can be leveraged by remote attackers using CVE-2015-4119.2.2015-06-156.5CVE-2015-4118
MISC
EXPLOIT-DB
BUGTRAQ
MISC
CONFIRM
ispconfig -- ispconfigMultiple cross-site request forgery (CSRF) vulnerabilities in ISPConfig before 3.0.5.4p7 allow remote attackers to hijack the authentication of (1) administrators for requests that create an administrator account via a request to admin/users_edit.php or (2) arbitrary users for requests that conduct SQL injection attacks via the server parameter to monitor/show_sys_state.php.2015-06-156.8CVE-2015-4119
MISC
EXPLOIT-DB
BUGTRAQ
MISC
CONFIRM
keyword_research_project -- keyword_researchMultiple cross-site request forgery (CSRF) vulnerabilities in the Keyword Research module 6.x-1.x before 6.x-1.2 for Drupal allow remote attackers to hijack the authentication of users with the "kwresearch admin site keywords" permission for requests that (1) create, (2) delete, or (3) set priorities to keywords via unspecified vectors.2015-06-155.1CVE-2015-4396
MISC
CONFIRM
MLIST
labsmedia -- clickheatCross-site request forgery (CSRF) vulnerability in ClickHeat 1.14 and earlier allows remote attackers to hijack the authentication of administrators for requests that change the administrator password via a config action to index.php.2015-06-186.8CVE-2015-4659
EXPLOIT-DB
limesurvey -- limesurveySQL injection vulnerability in application/controllers/admin/questiongroups.php in LimeSurvey before 2.06+ Build 150618 allows remote authenticated administrators to execute arbitrary SQL commands via the sid parameter.2015-06-186.5CVE-2015-4628
CONFIRM
CONFIRM
CONFIRM
CONFIRM
mailbird -- mailbirdCross-site scripting (XSS) vulnerability in Mailbird 2.0.16.0 and earlier allows remote attackers to inject arbitrary web script or HTML via an e-mail message body with a crafted URL.2015-06-184.3CVE-2015-4657
FULLDISC
FULLDISC
mcafee -- epolicy_orchestratorCross-site scripting (XSS) vulnerability in the product deployment feature in the Java core web services in Intel McAfee ePolicy Orchestrator (ePO) before 5.1.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.2015-06-154.3CVE-2015-4559
CONFIRM
node_template_project -- node_templateCross-site request forgery (CSRF) vulnerability in the Node Template module for Drupal allows remote attackers to hijack the authentication of users with the "access node template" permission for requests that delete node templates via unspecified vectors.2015-06-156.8CVE-2015-4397
MISC
MLIST
open_graph_importer_project -- open_graph_importerThe Open Graph Importer (og_tag_importer) 7.x-1.x for Drupal does not properly check the create permission for content types created during import, which allows remote authenticated users to bypass intended restrictions by leveraging the "import og_tag_importer" permission.2015-06-154.0CVE-2015-4389
MISC
MLIST
openssl -- opensslThe BN_GF2m_mod_inv function in crypto/bn/bn_gf2m.c in OpenSSL before 0.9.8s, 1.0.0 before 1.0.0e, 1.0.1 before 1.0.1n, and 1.0.2 before 1.0.2b does not properly handle ECParameters structures in which the curve is over a malformed binary polynomial field, which allows remote attackers to cause a denial of service (infinite loop) via a session that uses an Elliptic Curve algorithm, as demonstrated by an attack against a server that supports client authentication.2015-06-124.3CVE-2015-1788
CONFIRM
CONFIRM
openssl -- opensslThe X509_cmp_time function in crypto/x509/x509_vfy.c in OpenSSL before 0.9.8zg, 1.0.0 before 1.0.0s, 1.0.1 before 1.0.1n, and 1.0.2 before 1.0.2b allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted length field in ASN1_TIME data, as demonstrated by an attack against a server that supports client authentication with a custom verification callback.2015-06-124.3CVE-2015-1789
CONFIRM
CONFIRM
openssl -- opensslThe PKCS7_dataDecodefunction in crypto/pkcs7/pk7_doit.c in OpenSSL before 0.9.8zg, 1.0.0 before 1.0.0s, 1.0.1 before 1.0.1n, and 1.0.2 before 1.0.2b allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a PKCS#7 blob that uses ASN.1 encoding and lacks inner EncryptedContent data.2015-06-125.0CVE-2015-1790
CONFIRM
CONFIRM
openssl -- opensslRace condition in the ssl3_get_new_session_ticket function in ssl/s3_clnt.c in OpenSSL before 0.9.8zg, 1.0.0 before 1.0.0s, 1.0.1 before 1.0.1n, and 1.0.2 before 1.0.2b, when used for a multi-threaded client, allows remote attackers to cause a denial of service (double free and application crash) or possibly have unspecified other impact by providing a NewSessionTicket during an attempt to reuse a ticket that had been obtained earlier.2015-06-126.8CVE-2015-1791
CONFIRM
CONFIRM
openssl -- opensslThe do_free_upto function in crypto/cms/cms_smime.c in OpenSSL before 0.9.8zg, 1.0.0 before 1.0.0s, 1.0.1 before 1.0.1n, and 1.0.2 before 1.0.2b allows remote attackers to cause a denial of service (infinite loop) via vectors that trigger a NULL value of a BIO data structure, as demonstrated by an unrecognized X.660 OID for a hash function.2015-06-125.0CVE-2015-1792
CONFIRM
CONFIRM
opsview -- opsviewMultiple cross-site scripting (XSS) vulnerabilities in Opsview 4.6.2 and earlier allow remote attackers to inject arbitrary web script or HTML via a (1) crafted check plugin, the (2) description in a host profile, or the (3) plugin_args parameter to a Test service check page.2015-06-184.3CVE-2015-4420
EXPLOIT-DB
osscube -- custom_sitemapCross-site request forgery (CSRF) vulnerability in the Custom Sitemap module for Drupal allows remote attackers to hijack the authentication of administrators for requests that delete sitemaps via unspecified vectors.2015-06-155.8CVE-2015-4353
MISC
MLIST
perfecto_project -- perfectoOpen redirect vulnerability in the Perfecto module before 7.x-1.2 for Drupal allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in an unspecified parameter.2015-06-155.8CVE-2015-4371
MISC
CONFIRM
MLIST
registration_codes_project -- registration_codesCross-site request forgery (CSRF) vulnerability in the Registration codes module before 6.x-1.6, 6.x-2.x before 6.x-2.8, and 7.x-1.x before 7.x-1.2 for Drupal allows remote attackers to hijack the authentication of administrators for requests that delete role-rules via unspecified vectors.2015-06-156.8CVE-2015-4360
CONFIRM
CONFIRM
CONFIRM
CONFIRM
MISC
MLIST
registration_codes_project -- registration_codesCross-site request forgery (CSRF) vulnerability in the Registration codes module before 6.x-1.6 for Drupal allows remote attackers to hijack the authentication of administrators for requests that delete registration codes via unspecified vectors.2015-06-156.8CVE-2015-4361
CONFIRM
MISC
MLIST
restful_web_services_project -- restful_web_servicesThe RESTWS Basic Auth submodule in the RESTful Web Services module 7.x-1.x before 7.x-1.5 and 7.x-2.x before 7.x-2.3 for Drupal caches pages for authenticated requests, which allows remote attackers to obtain sensitive information via unspecified vectors.2015-06-155.0CVE-2015-4345
CONFIRM
CONFIRM
MISC
MLIST
rle -- nova-wind_turbine_hmi_firmwareRLE Nova-Wind Turbine HMI devices store cleartext credentials, which allows remote attackers to obtain sensitive information via unspecified vectors.2015-06-135.0CVE-2015-3951
MISC
se_html5_album_audio_player_project -- se_html5_album_audio_playerDirectory traversal vulnerability in download_audio.php in the SE HTML5 Album Audio Player (se-html5-album-audio-player) plugin 1.1.0 and earlier for WordPress allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter.2015-06-175.0CVE-2015-4414
EXPLOIT-DB
MISC
MISC
searchblox -- searchbloxCross-site scripting (XSS) vulnerability in SearchBlox before 8.2.1 allows remote attackers to inject arbitrary web script or HTML via the menu2 parameter to admin/main.jsp.2015-06-184.3CVE-2015-3422
MISC
BUGTRAQ
MISC
services_basic_authentication_project -- services_basic_authenticationThe Services Basic Authentication module 7.x-1.x through 7.x-1.3 for Drupal allows remote attackers to bypass intended resource restrictions via vectors related to page caching.2015-06-155.0CVE-2015-4344
CONFIRM
MISC
MLIST
services_project -- servicesThe resource/endpoint for uploading files in the Services module 7.x-3.x before 7.x-3.12 for Drupal allows remote authenticated users with the "Save file information" permission to execute arbitrary code via a crafted filename.2015-06-156.0CVE-2015-4393
MISC
CONFIRM
MLIST
services_project -- servicesThe Services module 7.x-3.x before 7.x-3.12 for Drupal allows remote attackers to bypass the field_access restriction and obtain sensitive private field information via unspecified vectors.2015-06-155.0CVE-2015-4394
MISC
CONFIRM
MLIST
smoelenboek_project -- smoelenboekSQL injection vulnerability in the Smoelenboek (ncgov_smoelenboek) extension before 1.0.9 for TYPO3 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors.2015-06-166.5CVE-2015-4611
CONFIRM
MISC
spider_contacts_project -- spider_contactsSQL injection vulnerability in the Spider Contacts module for Drupal allows remote authenticated users with the "access Spider Contacts category administration" permission to execute arbitrary SQL commands via unspecified vectors.2015-06-156.0CVE-2015-4348
MISC
MLIST
spider_contacts_project -- spider_contactsCross-site request forgery (CSRF) vulnerability in the Spider Contacts module for Drupal allows remote attackers to hijack the authentication of administrators for requests that delete contact categories via unspecified vectors.2015-06-155.8CVE-2015-4349
MISC
MLIST
store_locator_project -- store_locatorSQL injection vulnerability in the Store Locator (locator) extension before 3.3.1 for TYPO3 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors.2015-06-166.5CVE-2015-4610
CONFIRM
MISC
symphony-cms -- symphony_cmsCross-site scripting (XSS) vulnerability in Symphony CMS 2.6.2 allows remote attackers to inject arbitrary web script or HTML via the sort parameter to system/authors.2015-06-184.3CVE-2015-4661
BUGTRAQ
MISC
MISC
synology -- diskstation_managerCross-site scripting (XSS) vulnerability in Synology DiskStation Manager (DSM) before 5.2-5565 Update 1 allows remote attackers to inject arbitrary web script or HTML via the "compound" parameter to entry.cgi.2015-06-184.3CVE-2015-4655
CONFIRM
MISC
FULLDISC
synology -- photo_stationMultiple cross-site scripting (XSS) vulnerabilities in Synology Photo Station before 6.3-2945 allow remote attackers to inject arbitrary web script or HTML via the (1) success parameter to login.php or (2) crafted URL parameters to index.php, as demonstrated by the t parameter to photo/.2015-06-184.3CVE-2015-4656
CONFIRM
MISC
FULLDISC
tracking_code_project -- tracking_codeCross-site request forgery (CSRF) vulnerability in tracking_code.admin.inc in the Tracking Code module 7.x-1.x before 7.x-1.6 for Drupal allows remote attackers to hijack the authentication of administrators for requests that disable tracking codes via unspecified vectors.2015-06-156.8CVE-2015-4362
CONFIRM
MISC
CONFIRM
MLIST
CONFIRM
user_import_project -- user_importMultiple cross-site request forgery (CSRF) vulnerabilities in the User Import module 6.x-4.x before 6.x-4.4 and 7.x-2.x before 7.x-2.3 for Drupal allow remote attackers to hijack the authentication of administrators for requests that (1) continue or (2) delete an ongoing import via unspecified vectors.2015-06-156.8CVE-2015-4390
MISC
CONFIRM
CONFIRM
MLIST
vestacp -- vesta_control_panelCross-site request forgery (CSRF) vulnerability in Vesta Control Panel before 0.9.8-14 allows remote attackers to hijack the authentication of arbitrary users.2015-06-186.8CVE-2015-2861
CERT-VN
CONFIRM
CONFIRM
vmware -- fusionTPView.dll in VMware Workstation 10.x before 10.0.6 and 11.x before 11.1.1, VMware Player 6.x before 6.0.6 and 7.x before 7.1.1, and VMware Horizon Client 3.2.x before 3.2.1, 3.3.x, and 5.x local-mode before 5.4.2 on Windows does not properly allocate memory, which allows guest OS users to execute arbitrary code on the host OS via unspecified vectors, a different vulnerability than CVE-2012-0897.2015-06-135.8CVE-2015-2336
CONFIRM
vmware -- fusionTPInt.dll in VMware Workstation 10.x before 10.0.6 and 11.x before 11.1.1, VMware Player 6.x before 6.0.6 and 7.x before 7.1.1, and VMware Horizon Client 3.2.x before 3.2.1, 3.3.x, and 5.x local-mode before 5.4.2 on Windows does not properly allocate memory, which allows guest OS users to execute arbitrary code on the host OS via unspecified vectors.2015-06-135.8CVE-2015-2337
CONFIRM
vmware -- fusionTPview.dll in VMware Workstation 10.x before 10.0.6 and 11.x before 11.1.1, VMware Player 6.x before 6.0.6 and 7.x before 7.1.1, and VMware Horizon Client 3.2.x before 3.2.1, 3.3.x, and 5.x local-mode before 5.4.2 on Windows does not properly allocate memory, which allows guest OS users to cause a host OS denial of service via unspecified vectors, a different vulnerability than CVE-2015-2339.2015-06-136.1CVE-2015-2338
CONFIRM
vmware -- fusionTPview.dll in VMware Workstation 10.x before 10.0.6 and 11.x before 11.1.1, VMware Player 6.x before 6.0.6 and 7.x before 7.1.1, and VMware Horizon Client 3.2.x before 3.2.1, 3.3.x, and 5.x local-mode before 5.4.2 on Windows does not properly allocate memory, which allows guest OS users to cause a host OS denial of service via unspecified vectors, a different vulnerability than CVE-2015-2338.2015-06-136.1CVE-2015-2339
CONFIRM
vmware -- fusionTPInt.dll in VMware Workstation 10.x before 10.0.6 and 11.x before 11.1.1, VMware Player 6.x before 6.0.6 and 7.x before 7.1.1, and VMware Horizon Client 3.2.x before 3.2.1, 3.3.x, and 5.x local-mode before 5.4.2 on Windows does not properly allocate memory, which allows guest OS users to cause a host OS denial of service via unspecified vectors.2015-06-136.1CVE-2015-2340
CONFIRM
w1.fi -- hostapdThe WPS UPnP function in hostapd, when using WPS AP, and wpa_supplicant, when using WPS external registrar (ER), 0.7.0 through 2.4 allows remote attackers to cause a denial of service (crash) via a negative chunk length, which triggers an out-of-bounds read or heap-based buffer overflow.2015-06-154.3CVE-2015-4141
MLIST
MLIST
CONFIRM
SUSE
w1.fi -- hostapdInteger underflow in the WMM Action frame parser in hostapd 0.5.5 through 2.4 and wpa_supplicant 0.7.0 through 2.4, when used for AP mode MLME/SME functionality, allows remote attackers to cause a denial of service (crash) via a crafted frame, which triggers an out-of-bounds read.2015-06-154.3CVE-2015-4142
MLIST
MLIST
CONFIRM
REDHAT
SUSE
w1.fi -- hostapdThe EAP-pwd server and peer implementation in hostapd and wpa_supplicant 1.0 through 2.4 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via a crafted (1) Commit or (2) Confirm message payload.2015-06-155.0CVE-2015-4143
MLIST
MLIST
CONFIRM
SUSE
w1.fi -- hostapdThe EAP-pwd server and peer implementation in hostapd and wpa_supplicant 1.0 through 2.4 does not validate that a message is long enough to contain the Total-Length field, which allows remote attackers to cause a denial of service (crash) via a crafted message.2015-06-155.0CVE-2015-4144
MLIST
MLIST
CONFIRM
SUSE
w1.fi -- hostapdThe EAP-pwd server and peer implementation in hostapd and wpa_supplicant 1.0 through 2.4 does not validate a fragment is already being processed, which allows remote attackers to cause a denial of service (memory leak) via a crafted message.2015-06-155.0CVE-2015-4145
MLIST
MLIST
CONFIRM
SUSE
w1.fi -- hostapdThe EAP-pwd peer implementation in hostapd and wpa_supplicant 1.0 through 2.4 does not clear the L (Length) and M (More) flags before determining if a response should be fragmented, which allows remote attackers to cause a denial of service (crash) via a crafted message.2015-06-155.0CVE-2015-4146
MLIST
MLIST
CONFIRM
CONFIRM
SUSE
watchdog_aggregator_project --Cross-site request forgery (CSRF) vulnerability in the Watchdog Aggregator module for Drupal allows remote attackers to hijack the authentication of administrators for requests that enable or disable monitoring sites via unspecified vectors.2015-06-156.8CVE-2015-4355
MISC
MLIST
web-dorado -- spider_catalogMultiple cross-site request forgery (CSRF) vulnerabilities in the Spider Catalog module for Drupal allow remote attackers to hijack the authentication of administrators for requests that delete (1) products, (2) ratings, or (3) categories via unspecified vectors.2015-06-156.8CVE-2015-4350
MISC
MLIST
web-dorado -- web-dorado_spider_video_playerThe Spider Video Player module for Drupal allows remote authenticated users with the "access Spider Video Player administration" permission to delete arbitrary files via a crafted URL.2015-06-154.9CVE-2015-4351
MISC
MLIST
web-dorado -- web-dorado_spider_video_playerCross-site request forgery (CSRF) vulnerability in the Spider Video Player module for Drupal allows remote attackers to hijack the authentication of administrators for requests that delete videos via unspecified vectors.2015-06-155.8CVE-2015-4352
MISC
MLIST
webform_multiple_file_upload_project -- webform_multiple_file_uploadCross-site request forgery (CSRF) vulnerability in the Webform Multiple File Upload module 6.x-1.x before 6.x-1.3 and 7.x-1.x before 7.x-1.3 for Drupal allows remote attackers to hijack the authentication of certain users for requests that delete files via unspecified vectors.2015-06-156.8CVE-2015-4379
MISC
CONFIRM
CONFIRM
MLIST
wp_smiley_project -- wp_smileyCross-site request forgery (CSRF) vulnerability in the WP Smiley plugin 1.4.1 for WordPress allows remote attackers to hijack the authentication of editors for requests that conduct cross-site scripting (XSS) attacks via the s4w-more parameter to the smilies4wp.php page to wp-admin/options-general.php.2015-06-186.8CVE-2015-4140
BID
MLIST
MLIST
wt_directory_project -- wt_directorySQL injection vulnerability in the wt_directory extension before 1.4.2 for TYPO3 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors.2015-06-166.5CVE-2015-4609
CONFIRM
MISC
xcloner -- xclonercloner.functions.php in the XCloner plugin 3.1.2 for WordPress allows remote authenticated users to execute arbitrary commands via a file containing filenames with shell metacharacters, as demonstrated by using the backup comments feature to create the file.2015-06-176.5CVE-2015-4336
MISC
BID
MISC
xcloner -- xclonerStatic code injection vulnerability in the XCloner plugin 3.1.2 for WordPress allows remote authenticated users to inject arbitrary PHP code into the language files via a Translation LM_FRONT_* field for a language, as demonstrated by language/italian.php.2015-06-176.5CVE-2015-4338
MISC
BID
MISC
xen -- xenGNTTABOP_swap_grant_ref in Xen 4.2 through 4.5 does not check the grant table operation version, which allows local guest domains to cause a denial of service (NULL pointer dereference) via a hypercall without a GNTTABOP_setup_table or GNTTABOP_set_version.2015-06-154.9CVE-2015-4163
CONFIRM
xen -- xenThe compat_iret function in Xen 3.1 through 4.5 iterates the wrong way through a loop, which allows local 32-bit PV guest administrators to cause a denial of service (large loop and system hang) via a hypercall_iret call with EFLAGS.VM set.2015-06-154.9CVE-2015-4164
CONFIRM
yoast -- wordpress_seoCross-site scripting (XSS) vulnerability in js/wp-seo-metabox.js in the WordPress SEO by Yoast plugin before 2.2 for WordPress allows remote attackers to inject arbitrary web script or HTML via the post_title parameter to wp-admin/post-new.php, which is not properly handled in the snippet preview functionality.2015-06-174.3CVE-2012-6692
CONFIRM
CONFIRM
MISC
MISC
SECTRACK
FULLDISC
MISC
Back to top

Low Vulnerabilities

Primary
Vendor -- Product
DescriptionPublishedCVSS ScoreSource & Patch Info
be_user_log_project -- be_user_logCross-site scripting (XSS) vulnerability in the BE User Log (beko_beuserlog) extension 1.1.1 and earlier for TYPO3 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.2015-06-163.5CVE-2015-4608
MISC
ceph -- ceph-deployceph-deploy before 1.5.23 uses weak permissions (644) for ceph/ceph.client.admin.keyring, which allows local users to obtain sensitive information by reading the file.2015-06-162.1CVE-2015-3010
CONFIRM
CONFIRM
CONFIRM
MLIST
MLIST
REDHAT
crumbs_project -- crumbsCross-site scripting (XSS) vulnerability in the Crumbs module 7.x-2.x before 7.x-2.3 for Drupal allows remote authenticated users with the "Administer Crumbs" permission to inject arbitrary web script or HTML via a custom breadcrumb separator.2015-06-152.1CVE-2015-4378
MISC
CONFIRM
MLIST
current_search_links_project -- current_search_linksCross-site scripting (XSS) vulnerability in the Current Search Links module 7.x-1.x before 7.x-1.1 for Drupal, when the "Append the keywords passed by the user to the list" option is disabled, allows remote attackers to inject arbitrary web script or HTML via a crafted search query.2015-06-152.6CVE-2015-4388
MISC
CONFIRM
MLIST
display_suite_project -- display_suiteCross-site scripting (XSS) vulnerability in the Display Suite module 7.x-2.7 for Drupal allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors related to field display settings.2015-06-153.5CVE-2015-4392
MISC
CONFIRM
MLIST
hybridauth_social_login_project -- hybridauth_social_loginThe HybridAuth Social Login module 7.x-2.x before 7.x-2.10 for Drupal stores passwords in plaintext when the "Ask user for a password when registering" option is enabled, which allows remote authenticated users with certain permissions to obtain sensitive information by leveraging access to the database.2015-06-153.5CVE-2015-4395
MISC
CONFIRM
MLIST
image_title_project -- image_titleCross-site scripting (XSS) vulnerability in the Image Title module before 7.x-1.1 for Drupal allows remote authenticated users with certain permissions to inject arbitrary web script or HTML via unspecified vectors.2015-06-153.5CVE-2015-4372
MISC
CONFIRM
MLIST
imagefield_info_project -- imagefield_infoCross-site scripting (XSS) vulnerability in unspecified administration pages in the Imagefield Info module 7.x-1.x before 7.x-1.2 for Drupal allows remote authenticated users with the "Administer image styles" permission to inject arbitrary web script or HTML via unspecified vectors.2015-06-152.1CVE-2015-4385
MISC
CONFIRM
MLIST
invoice_project -- invoiceCross-site scripting (XSS) vulnerability in the Invoice module 6.x-1.x before 6.x-1.2 and 7.x-1.x before 7.x-1.3 for Drupal allows remote authenticated users with the "Administer own invoices" permission to inject arbitrary web script or HTML via unspecified vectors involving nodes of the "Invoice" content type.2015-06-153.5CVE-2015-4381
CONFIRM
CONFIRM
MISC
MLIST
linear_case_project -- linear_caseCross-site scripting (XSS) vulnerability in the Linear Case module 6.x-1.x before 6.x-1.3 for Drupal allows remote authenticated users with certain permissions to inject arbitrary web script or HTML via unspecified vectors.2015-06-153.5CVE-2015-4380
MISC
CONFIRM
MLIST
mover_project -- moverCross-site scripting (XSS) vulnerability in the Mover module 6.x-1.0 for Drupal allows remote authenticated users with certain permissions to inject arbitrary web script or HTML via unspecified vectors.2015-06-153.5CVE-2015-4366
MISC
MLIST
og_tabs_project -- og_tabsCross-site scripting (XSS) vulnerability in the OG tabs module before 7.x-1.1 for Drupal allows remote authenticated users with certain permissions to inject arbitrary web script or HTML via vectors related to nodes posted in an Organic Groups group.2015-06-153.5CVE-2015-4373
MISC
CONFIRM
MLIST
password_policy_project -- password_policyCross-site scripting (XSS) vulnerability in unspecified administration pages in the Password Policy module 6.x-1.x before 6.x-1.11 and 7.x-1.x before 7.x-1.11 for Drupal, when a site has a policy that uses the username constraint, allows remote attackers to inject arbitrary web script or HTML via a crafted username that is imported from an external source.2015-06-152.6CVE-2015-4387
MISC
CONFIRM
CONFIRM
MLIST
petition_project -- petitionCross-site scripting (XSS) vulnerability in unspecified administration pages in the Petition module 6.x-1.x before 6.x-1.3 for Drupal allows remote authenticated users with the "create petition" permission to inject arbitrary web script or HTML via unknown vectors.2015-06-152.1CVE-2015-4377
MISC
CONFIRM
MLIST
profile2_privacy_project -- profile2_privacyCross-site scripting (XSS) vulnerability in the Profile2 Privacy module 7.x-1.x before 7.x-1.5 for Drupal allows remote authenticated users with the "Administer Profile2 Privacy Levels" permission to inject arbitrary web script or HTML via unspecified vectors.2015-06-153.5CVE-2015-4376
MISC
CONFIRM
MLIST
MLIST
registration_codes_project -- registration_codesMultiple cross-site scripting (XSS) vulnerabilities in the Registration codes module before 6.x-1.6, 6.x-2.x before 6.x-2.8, and 7.x-1.x before 7.x-1.2 for Drupal allow remote authenticated users with permission to create or edit taxonomy terms or nodes to inject arbitrary web script or HTML via unspecified vectors.2015-06-153.5CVE-2015-4359
CONFIRM
CONFIRM
CONFIRM
MISC
MLIST
simple_subscription_project -- simple_subscriptionCross-site scripting (XSS) vulnerability in the Simple Subscription module before 6.x-1.1 and 7.x-1.x before 7.x-1.1 for Drupal allows remote authenticated users with the "administer blocks" permission to inject arbitrary web script or HTML via vectors related to block content.2015-06-153.5CVE-2015-4367
MISC
CONFIRM
CONFIRM
MLIST
sinapsi -- esolar_light_firmwareSinapsi eSolar Light with firmware before 2.0.3970_schsl_2.2.85 allows attackers to discover cleartext passwords by reading the HTML source code of the mail-configuration page.2015-06-132.1CVE-2015-3949
MISC
site_documentation_project -- site_documentationCross-site scripting (XSS) vulnerability in the Site Documentation module before 6.x-1.5 for Drupal allows remote authenticated users with certain permissions to inject arbitrary web script or HTML via vectors related to taxonomy terms.2015-06-153.5CVE-2015-4370
MISC
CONFIRM
MLIST
sms_framework_project -- sms_frameworkCross-site scripting (XSS) vulnerability in the SMS Framework module 6.x-1.x before 6.x-1.1 for Drupal, when the "Send to phone" submodule is enabled, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to message previews.2015-06-152.6CVE-2015-4346
MISC
CONFIRM
MLIST
taxonomy_accordion_project -- taxonomy_accordionCross-site scripting (XSS) vulnerability in the Taxonomy Accordion module for Drupal allows remote authenticated users with certain permissions to inject arbitrary web script or HTML via vectors related to taxonomy terms.2015-06-153.5CVE-2015-4365
MISC
MLIST
trick_question_project -- trick_questionCross-site scripting (XSS) vulnerability in the Trick Question module before 6.x-1.5 and 7.x-1.x before 7.x-1.5 for Drupal allows remote authenticated users with the "Administer Trick Question" permission to inject arbitrary web script or HTML via unspecified vectors.2015-06-153.5CVE-2015-4369
CONFIRM
CONFIRM
MISC
MLIST
ubercart_webform_checkout_pane_project -- ubercart_webform_checkout_paneCross-site scripting (XSS) vulnerability in the Ubercart Webform Checkout Pane module 6.x-3.x before 6.x-3.10 and 7.x-3.x before 7.x-3.11 for Drupal allows remote authenticated users with certain permissions to inject arbitrary web script or HTML via unspecified vectors.2015-06-153.5CVE-2015-4384
CONFIRM
CONFIRM
MISC
MLIST
ubercart_webform_integration_project -- ubercart_webform_integrationCross-site scripting (XSS) vulnerability in the Ubercart Webform Integration module before 6.x-1.8 and 7.x before 7.x-2.4 for Drupal allows remote authenticated users with certain permissions to inject arbitrary web script or HTML via unspecified vectors.2015-06-153.5CVE-2015-4354
CONFIRM
CONFIRM
MISC
MLIST
ubercount_discount_coupons_project -- ubercart_discount_couponsCross-site scripting (XSS) vulnerability in unspecified administration pages in the Ubercart Discount Coupons module 6.x-1.x before 6.x-1.8 for Drupal allows remote authenticated users with certain permissions to inject arbitrary web script or HTML via vectors related to taxonomy terms.2015-06-153.5CVE-2015-4358
CONFIRM
MISC
MLIST
webform_project -- webformCross-site scripting (XSS) vulnerability in the view-based webform results table in the Webform module 7.x-4.x before 7.x-4.4 for Drupal allows remote authenticated users with certain permissions to inject arbitrary web script or HTML via a webform.2015-06-153.5CVE-2015-4356
MISC
CONFIRM
MLIST
MLIST
webform_project -- webformCross-site scripting (XSS) vulnerability in the Webform module before 6.x-3.22, 7.x-3.x before 7.x-3.22, and 7.x-4.x before 7.x-4.4 for Drupal allows remote authenticated users with certain permissions to inject arbitrary web script or HTML via a node title, which is used as the default title of a webform block.2015-06-153.5CVE-2015-4357
CONFIRM
CONFIRM
CONFIRM
MISC
MLIST
MLIST
webform_project -- webformCross-site scripting (XSS) vulnerability in the Webform module before 6.x-3.23, 7.x-3.x before 7.x-3.23, and 7.x-4.x before 7.x-4.5 for Drupal allows remote authenticated users with certain permissions to inject arbitrary web script or HTML via a component name in the recipient (To) address of an email.2015-06-163.5CVE-2015-4374
MISC
CONFIRM
CONFIRM
CONFIRM
MLIST
MLIST
wp_smiley_project -- wp_smileyCross-site scripting (XSS) vulnerability in smilies4wp.php in the WP Smiley plugin 1.4.1 for WordPress allows remote authenticated users to inject arbitrary web script or HTML via the s4w-more parameter to wp-admin/options-general.php.2015-06-183.5CVE-2015-4139
BID
MLIST
MLIST
xcloner -- xclonerCross-site scripting (XSS) vulnerability in the XCloner plugin 3.1.2 for WordPress allows remote authenticated users to inject arbitrary web script or HTML via the excl_manual parameter in the xcloner_show page to wpadmin/plugins.php.2015-06-173.5CVE-2015-4337
MISC
BID
MISC
Back to top

This product is provided subject to this Notification and this Privacy & Use policy.

Was this document helpful?  Yes  |  Somewhat  |  No

Back to Top