36 matches found
EUVD-2015-7478
Malware in sbrugna...
EUVD-2015-7479
Malware in sbrugna...
EUVD-2015-7480
Malware in sbrugna...
EUVD-2015-7481
Malware in sbrugna...
EUVD-2015-7477
Malicious code in bioql PyPI...
VulnCheck KEV: CVE-2015-7571
Unrestricted file upload vulnerability in Yeager CMS 1.2.1 allows remote attackers to execute arbitrary code by uploading a file with an executable extension...
CVE-2015-7567
SQL injection vulnerability in Yeager CMS 1.2.1 allows remote attackers to execute arbitrary SQL commands via the "passwordreset&token" parameter...
SQL injection
SQL injection vulnerability in Yeager CMS 1.2.1 allows remote attackers to execute arbitrary SQL commands via the "passwordreset&token" parameter...
CVE-2015-7567
Summary: CVE-2015-7567 is a SQL injection vulnerability in Yeager CMS 1.2.1 that allows remote attackers to execute arbitrary SQL via the "passwordreset&token" parameter. The issue stems from improper input handling in the authentication/password reset flow (root cause: unsafely constructed SQL f...
CVE-2015-7567
SQL injection vulnerability in Yeager CMS 1.2.1 allows remote attackers to execute arbitrary SQL commands via the "passwordreset&token" parameter...
Unrestricted file upload
Unrestricted file upload vulnerability in Yeager CMS 1.2.1 allows remote attackers to execute arbitrary code by uploading a file with an executable extension...
CVE-2015-7571
Unrestricted file upload vulnerability in Yeager CMS 1.2.1 allows remote attackers to execute arbitrary code by uploading a file with an executable extension...
CVE-2015-7571
Vulnerability CVE-2015-7571 affects Yeager CMS 1.2.1. Unrestricted file upload can lead to remote code execution by uploading an executable file; fixed version is listed as 1.3 in vulnerability references. The available sources describe the issue and indicate upgrade/patch as remediation, but exp...
CVE-2015-7571
Unrestricted file upload vulnerability in Yeager CMS 1.2.1 allows remote attackers to execute arbitrary code by uploading a file with an executable extension...
Server-side request forgery (SSRF)
Multiple server-side request forgery (SSRF) vulnerabilities in Yeager CMS 1.2.1 allow remote attackers to trigger outbound requests and enumerate open ports via the dbhost parameter to libs/org/adodblite/tests/testadodblite.php, libs/org/adodblite/tests/testdatadictionary.php, or...
SQL injection
SQL injection vulnerability in the password recovery feature in Yeager CMS 1.2.1 allows remote attackers to change the account credentials of known users via the "userEmail" parameter...
SQL injection
SQL injection vulnerability in "yeager/y.php/tabUSERLIST" in Yeager CMS 1.2.1 allows local users to execute arbitrary SQL commands via the "pagedirorderby" parameter...
CVE-2015-7570
Multiple server-side request forgery (SSRF) vulnerabilities in Yeager CMS 1.2.1 allow remote attackers to trigger outbound requests and enumerate open ports via the dbhost parameter to libs/org/adodblite/tests/testadodblite.php, libs/org/adodblite/tests/testdatadictionary.php, or...
CVE-2015-7569
SQL injection vulnerability in "yeager/y.php/tabUSERLIST" in Yeager CMS 1.2.1 allows local users to execute arbitrary SQL commands via the "pagedirorderby" parameter...
CVE-2015-7568
SQL injection vulnerability in the password recovery feature in Yeager CMS 1.2.1 allows remote attackers to change the account credentials of known users via the "userEmail" parameter...