Skip to main content
CVE-2015-1562 MEDIUM POC This Month

Multiple cross-site scripting (XSS) vulnerabilities in Saurus CMS 4.7.0 allow remote attackers to inject arbitrary web script or HTML via the (1) search parameter to admin/user_management.php, (2). Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

XSS PHP Saurus Cms
NVD GitHub
CVSS 2.0
4.3
EPSS
0.4%
CVE-2015-1564 MEDIUM POC This Month

Cross-site scripting (XSS) vulnerability in style-underground/search in Plain Black WebGUI 7.10.29 and earlier allows remote attackers to inject arbitrary web script or HTML via the Search field. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

XSS Webgui
NVD
CVSS 2.0
4.3
EPSS
0.3%
CVE-2015-1568 MEDIUM PATCH This Month

Cross-site request forgery (CSRF) vulnerability in the GD Infinite Scroll module before 7.x-1.4 for Drupal allows remote attackers to hijack the authentication of users with the "edit gd infinite. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable.

CSRF Gd Infinite Scroll
NVD
CVSS 2.0
6.8
EPSS
0.1%
CVE-2015-1567 MEDIUM PATCH This Month

Cross-site scripting (XSS) vulnerability in the admin page in the GD Infinite Scroll module before 7.x-1.4 for Drupal allows remote authenticated users with the "edit gd infinite scroll settings". Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable.

XSS Gd Infinite Scroll
NVD
CVSS 2.0
4.3
EPSS
0.3%
CVE-2015-1565 MEDIUM This Month

Cross-site scripting (XSS) vulnerability in the online help in Hitachi Device Manager, Tiered Storage Manager, Replication Manager, and Global Link Manager before 8.1.2-00, and Compute Systems. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

XSS Device Manager Replication Manager Tiered Storage Manager Compute Systems Manager +1
NVD
CVSS 2.0
4.3
EPSS
0.3%
CVE-2015-1566 MEDIUM PATCH This Month

Cross-site scripting (XSS) vulnerability in DotNetNuke (DNN) before 7.4.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable.

XSS
NVD
CVSS 2.0
4.3
EPSS
0.3%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy