Skip to main content
CVE-2015-1562 MEDIUM POC This Month

Multiple cross-site scripting (XSS) vulnerabilities in Saurus CMS 4.7.0 allow remote attackers to inject arbitrary web script or HTML via the (1) search parameter to admin/user_management.php, (2). Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

XSS PHP Saurus Cms
NVD GitHub
CVSS 2.0
4.3
EPSS
0.4%
CVE-2015-1564 MEDIUM POC This Month

Cross-site scripting (XSS) vulnerability in style-underground/search in Plain Black WebGUI 7.10.29 and earlier allows remote attackers to inject arbitrary web script or HTML via the Search field. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

XSS Webgui
NVD
CVSS 2.0
4.3
EPSS
0.3%
CVE-2015-1558 LOW Monitor

Asterisk Open Source 12.x before 12.8.1 and 13.x before 13.1.1, when using the PJSIP channel driver, does not properly reclaim RTP ports, which allows remote authenticated users to cause a denial of. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable. Epss exploitation probability 17.5% and no vendor patch available.

Denial Of Service Asterisk
NVD
CVSS 2.0
3.5
EPSS
17.5%
CVE-2015-1568 MEDIUM PATCH This Month

Cross-site request forgery (CSRF) vulnerability in the GD Infinite Scroll module before 7.x-1.4 for Drupal allows remote attackers to hijack the authentication of users with the "edit gd infinite. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable.

CSRF Gd Infinite Scroll
NVD
CVSS 2.0
6.8
EPSS
0.1%
CVE-2015-1567 MEDIUM PATCH This Month

Cross-site scripting (XSS) vulnerability in the admin page in the GD Infinite Scroll module before 7.x-1.4 for Drupal allows remote authenticated users with the "edit gd infinite scroll settings". Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable.

XSS Gd Infinite Scroll
NVD
CVSS 2.0
4.3
EPSS
0.3%
CVE-2015-1565 MEDIUM This Month

Cross-site scripting (XSS) vulnerability in the online help in Hitachi Device Manager, Tiered Storage Manager, Replication Manager, and Global Link Manager before 8.1.2-00, and Compute Systems. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

XSS Device Manager Replication Manager Tiered Storage Manager Compute Systems Manager +1
NVD
CVSS 2.0
4.3
EPSS
0.3%
CVE-2015-1566 MEDIUM PATCH This Month

Cross-site scripting (XSS) vulnerability in DotNetNuke (DNN) before 7.4.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable.

XSS
NVD
CVSS 2.0
4.3
EPSS
0.3%
CVE-2015-1563 LOW Monitor

The ARM GIC distributor virtualization in Xen 4.4.x and 4.5.x allows local guests to cause a denial of service by causing a large number messages to be logged. Rated low severity (CVSS 2.1), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Xen Fedora
NVD
CVSS 2.0
2.1
EPSS
0.1%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy