Cisco UCS Central Software 1.2(1a) allows local users to gain privileges for OS command execution via a crafted CLI parameter, aka Bug ID CSCut32795. Date published : 2015-06-17 http://www.securityfocus.com/bid/75205 http://tools.cisco.com/security/center/viewAlert.x?alertId=39324
Cross-site scripting (XSS) vulnerability in example.html in Genericons before 3.3.1, as used in WordPress before 4.2.2, allows remote attackers to inject arbitrary web script or HTML via a fragment identifier. Date published : 2015-06-17...
CA Common Services, as used in CA Client Automation r12.5 SP01, r12.8, and r12.9; CA Network and Systems Management r11.0, r11.1, and r11.2; CA NSM Job Management Option r11.0, r11.1, and r11.2; CA Universal...
CA Common Services, as used in CA Client Automation r12.5 SP01, r12.8, and r12.9; CA Network and Systems Management r11.0, r11.1, and r11.2; CA NSM Job Management Option r11.0, r11.1, and r11.2; CA Universal...
CA Common Services, as used in CA Client Automation r12.5 SP01, r12.8, and r12.9; CA Network and Systems Management r11.0, r11.1, and r11.2; CA NSM Job Management Option r11.0, r11.1, and r11.2; CA Universal...
SQL injection vulnerability in mod1/index.php in the Akronymmanager (sb_akronymmanager) extension before 7.0.0 for TYPO3 allows remote authenticated users with permission to maintain acronyms to execute arbitrary SQL commands via the id parameter. Date published...
Cross-site scripting (XSS) vulnerability in Cacti before 0.8.8d allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Date published : 2015-06-17 http://www.securityfocus.com/bid/75309 http://www.cacti.net/release_notes_0_8_8d.php
EMC Unified Infrastructure Manager/Provisioning (UIM/P) 4.1 allows remote attackers to bypass LDAP authentication by providing a valid account name. Date published : 2015-06-17 http://seclists.org/bugtraq/2015/Jun/87 http://www.securitytracker.com/id/1032589
SQL injection vulnerability in the backend module in the Developer Log (devlog) extension before 2.11.4 for TYPO3 allows remote editors to execute arbitrary SQL commands via unspecified vectors. Date published : 2015-06-16 http://www.securityfocus.com/bid/75257 http://typo3.org/extensions/repository/view/devlog
SQL injection vulnerability in the "FAQ – Frequently Asked Questions" (js_faq) extension before 1.2.1 for TYPO3 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors. Date published : 2015-06-16 http://www.securityfocus.com/bid/75256 http://typo3.org/extensions/repository/view/js_faq
SQL injection vulnerability in the Smoelenboek (ncgov_smoelenboek) extension before 1.0.9 for TYPO3 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors. Date published : 2015-06-16 http://www.securityfocus.com/bid/75259 http://typo3.org/extensions/repository/view/ncgov_smoelenboek
SQL injection vulnerability in the Store Locator (locator) extension before 3.3.1 for TYPO3 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors. Date published : 2015-06-16 http://www.securityfocus.com/bid/75262 http://typo3.org/extensions/repository/view/locator
SQL injection vulnerability in the wt_directory extension before 1.4.2 for TYPO3 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors. Date published : 2015-06-16 http://www.securityfocus.com/bid/75253 http://typo3.org/extensions/repository/view/wt_directory
Cross-site scripting (XSS) vulnerability in the BE User Log (beko_beuserlog) extension 1.1.1 and earlier for TYPO3 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. Date published : 2015-06-16...