CNA 2015

VulDB is an officially certified CVE Numbering Authority (CNA) by MITRE and Authorized Data Publisher (ADP) by NIST NVD. We are authorized to handle new vulnerability submissions, assign unique CVEs and disclose them. CVE is an international program to discover vulnerabilities which are then assigned and published to the CVE list. Partners coordinate such CVE entries to communicate consistent descriptions. Information technology and cybersecurity professionals all around the world use CVE records to ensure they are discussing the same issues, and to coordinate their efforts to prioritize and address these properly.

Fournisseur

Not Defined	44
NREL	2
Dovgalyuk	2
OpenDNS	2
82Flex	2

Produit

NREL api-umbrella-web	2
Dovgalyuk AIBattle	2
OpenDNS OpenResolve	2
82Flex WEIPDCRM	2
Thimo Grauerholz WP-Spreadplugin	1

Contre-mesures

Official Fix	128
Temporary Fix	0
Workaround	0
Unavailable	0
Not Defined	0

Exploitabilité

High	1
Functional	0
Proof-of-Concept	5
Unproven	0
Not Defined	122

Vecteur d'accès

Not Defined	0
Physical	0
Local	2
Adjacent	57
Network	69

Authentification

Not Defined	0
High	3
Low	111
None	14

Interaction de l'utilisateur

Not Defined	0
Required	49
None	79

VulDB

≤1	0
≤2	0
≤3	5
≤4	42
≤5	16
≤6	48
≤7	15
≤8	2
≤9	0
≤10	0

Exploiter 0 jour

<1k	9
<2k	118
<5k	1
<10k	0
<25k	0
<50k	0
<100k	0
≥100k	0

ID	Vulnérabilité	Scope	Responsible	Établi	Mise à jour	CVE	CNA
261676	Thimo Grauerholz WP-Spreadplugin spreadplugin.php cross site scripting	VulDB	VulDB	20/04/2024	28/05/2024	CVE-2015-10132	accepté
258620	chrisy TFO Graphviz Plugin tfo-graphviz-admin.php admin_page cross site scripting	VulDB	VulDB	29/03/2024	07/05/2024	CVE-2015-10131	accepté
252716	planet-freo auth.inc.php elévation de privilèges	VulDB	VulDB	02/02/2024	25/02/2024	CVE-2015-10129	accepté
249422	rt-prettyphoto Plugin rt-prettyphoto.php royal_prettyphoto_plugin_links cross site scripting	VulDB	VulDB	31/12/2023	22/01/2024	CVE-2015-10128	accepté
248954	PlusCaptcha Plugin cross site scripting	VulDB	VulDB	24/12/2023	18/01/2024	CVE-2015-10127	accepté
241318	Easy2Map Photos Plugin sql injection	VulDB	VulDB	04/10/2023	25/10/2023	CVE-2015-10126	accepté
241317	WP Ultimate CSV Importer Plugin cross site request forgery	VulDB	VulDB	04/10/2023	25/10/2023	CVE-2015-10125	accepté
241026	Most Popular Posts Widget Plugin functions.php show_views sql injection	VulDB	VulDB	01/10/2023	23/10/2023	CVE-2015-10124	accepté
234249	wp-donate Plugin donate-display.php sql injection	VulDB	VulDB	16/07/2023	06/08/2023	CVE-2015-10122	accepté
233365	Beeliked Microsite Plugin beelikedmicrosite.php embed_handler cross site scripting	VulDB	VulDB	08/07/2023	26/07/2023	CVE-2015-10121	accepté
233364	WDS Multisite Aggregate Plugin WDS_Multisite_Aggregate_Options.php update_options cross site scripting	VulDB	VulDB	08/07/2023	25/07/2023	CVE-2015-10120	accepté
233363	View All Posts Page Plugin view-all-posts-pages.php action_admin_notices_activation cross site scripting	VulDB	VulDB	08/07/2023	25/07/2023	CVE-2015-10119	accepté
231202	cchetanonline WP-CopyProtect wp-copyprotect.php CopyProtect_options_page cross site scripting	VulDB	VulDB	10/06/2023	08/07/2023	CVE-2015-10118	accepté
230664	Gravity Forms DPS PxPay Plugin cross site scripting	VulDB	VulDB	03/06/2023	30/06/2023	CVE-2015-10117	accepté
230661	RealFaviconGenerator Favicon Plugin class-favicon-by-realfavicongenerator-admin.php install_new_favicon cross site request forgery	VulDB	VulDB	03/06/2023	30/06/2023	CVE-2015-10116	accepté
230655	WooSidebars Sidebar Manager Converter Plugin class-woosidebars-sbm-converter.php process_request Redirect	VulDB	VulDB	03/06/2023	30/06/2023	CVE-2015-10115	accepté
230654	WooSidebars Plugin class-woo-sidebars.php enable_custom_post_sidebars Redirect	VulDB	VulDB	03/06/2023	30/06/2023	CVE-2015-10114	accepté
230653	WooFramework Tweaks Plugin wooframework-tweaks.php admin_screen_logic Redirect	VulDB	VulDB	03/06/2023	29/06/2023	CVE-2015-10113	accepté
230652	WooFramework Branding Plugin wooframework-branding.php admin_screen_logic Redirect	VulDB	VulDB	03/06/2023	29/06/2023	CVE-2015-10112	accepté
230651	Watu Quiz Plugin Exam exam.php watu_exams sql injection	VulDB	VulDB	03/06/2023	29/06/2023	CVE-2015-10111	accepté
230392	ruddernation TinyChat Room Spy Plugin room-spy.php wp_show_room_spy cross site scripting	VulDB	VulDB	31/05/2023	25/06/2023	CVE-2015-10110	accepté
230264	Video Playlist and Gallery Plugin wp-media-cincopa.php cross site request forgery	VulDB	VulDB	30/05/2023	24/06/2023	CVE-2015-10109	accepté
230234	meitar Inline Google Spreadsheet Viewer Plugin inline-gdocs-viewer.php displayShortcode cross site request forgery	VulDB	VulDB	30/05/2023	24/06/2023	CVE-2015-10108	accepté
230153	Simplr Registration Form Plus+ Plugin cross site scripting	VulDB	VulDB	29/05/2023	21/06/2023	CVE-2015-10107	accepté
230086	mback2k mh_httpbl Extension index.php moduleContent sql injection	VulDB	VulDB	27/05/2023	21/06/2023	CVE-2015-10106	accepté
227757	IP Blacklist Cloud Plugin CSV File Import ip_blacklist_cloud.php valid_js_identifier directory traversal	VulDB	VulDB	29/04/2023	24/05/2023	CVE-2015-10105	accepté
227756	Icons for Features Plugin class-icons-for-features-admin.php Redirect	VulDB	VulDB	29/04/2023	24/05/2023	CVE-2015-10104	accepté
226119	InternalError503 Forget It settings.js dénie de service	VulDB	VulDB	15/04/2023	05/05/2023	CVE-2015-10103	accepté
226118	Freshdesk Plugin Redirect	VulDB	VulDB	15/04/2023	05/05/2023	CVE-2015-10102	accepté
226117	Google Analytics Top Content Widget Plugin class-tgm-plugin-activation.php cross site scripting	VulDB	VulDB	15/04/2023	05/05/2023	CVE-2015-10101	accepté
225353	Dynamic Widgets Plugin dynwid_class.php sql injection	VulDB	VulDB	08/04/2023	26/04/2023	CVE-2015-10100	accepté
225351	CP Appointment Calendar Plugin dex_appointments.php dex_process_ready_to_go_appointment sql injection	VulDB	VulDB	08/04/2023	26/04/2023	CVE-2015-10099	accepté
225152	Broken Link Checker Plugin ui_get_action_links cross site scripting	VulDB	VulDB	06/04/2023	23/04/2023	CVE-2015-10098	accepté
223801	grinnellplans-php read.php interface_disp_page sql injection	VulDB	VulDB	24/03/2023	14/04/2023	CVE-2015-10097	accepté
223383	Zarthus IRC Twitter Announcer Bot twitter_announcer.rb get_tweets elévation de privilèges	VulDB	VulDB	18/03/2023	11/04/2023	CVE-2015-10096	accepté
222327	woo-popup Plugin class-woo-popup-admin.php cross site scripting	VulDB	VulDB	04/03/2023	31/03/2023	CVE-2015-10095	accepté
222326	Fastly Plugin api.php post cross site scripting	VulDB	VulDB	04/03/2023	31/03/2023	CVE-2015-10094	accepté
222325	Mark User as Spammer Plugin plugin.php user_row_actions cross site scripting	VulDB	VulDB	04/03/2023	31/03/2023	CVE-2015-10093	accepté
222324	Qtranslate Slug Plugin class-qtranslate-slug.php add_slug_meta_box cross site scripting	VulDB	VulDB	04/03/2023	31/03/2023	CVE-2015-10092	accepté
222322	ByWater Solutions bywater-koha-xslt systempreferences.pl StringSearch sql injection	VulDB	VulDB	04/03/2023	31/03/2023	CVE-2015-10091	accepté
222320	Landing Pages Plugin cross site scripting	VulDB	VulDB	04/03/2023	31/03/2023	CVE-2015-10090	accepté
222291	flame.js cross site scripting	VulDB	VulDB	03/03/2023	31/03/2023	CVE-2015-10089	accepté
222267	ayttm proxy.c http_connect Format String	VulDB	VulDB	03/03/2023	31/03/2023	CVE-2015-10088	accepté
221809	UpThemes Theme DesignFolio Plus elévation de privilèges	VulDB	VulDB	26/02/2023	25/03/2023	CVE-2015-10087	accepté
221808	OpenCycleCompass server-php login.php sql injection	VulDB	VulDB	26/02/2023	25/03/2023	CVE-2015-10086	accepté
221506	GoPistolet MTA dénie de service	VulDB	VulDB	19/02/2023	23/03/2023	CVE-2015-10085	accepté
221504	irontec klear-library BaseController.php _prepareWhere sql injection	VulDB	VulDB	19/02/2023	23/03/2023	CVE-2015-10084	accepté
221503	harrystech Dynosaur-Rails application_controller.rb basic_auth authentification faible	VulDB	VulDB	19/02/2023	23/03/2023	CVE-2015-10083	accepté
221499	UIKit0 libplist XML xplist.c plist_from_xml XML External Entity	VulDB	VulDB	19/02/2023	23/03/2023	CVE-2015-10082	accepté
221495	arnoldle submitByMailPlugin edit_list.php cross site request forgery	VulDB	VulDB	19/02/2023	23/03/2023	CVE-2015-10081	accepté
221487	NREL api-umbrella-web Admin Data Table cross site scripting	VulDB	VulDB	18/02/2023	23/03/2023	CVE-2015-10080	accepté
220751	juju2143 WalrusIRC parser.js parseLinks cross site scripting	VulDB	VulDB	12/02/2023	10/03/2023	CVE-2015-10079	accepté
220637	atwellpub Resend Welcome Email Plugin resend-welcome-email.php send_welcome_email_url cross site scripting	VulDB	VulDB	11/02/2023	10/03/2023	CVE-2015-10078	accepté
220471	webbuilders-group silverstripe-kapost-bridge KapostService.php getPreview sql injection	VulDB	VulDB	09/02/2023	09/03/2023	CVE-2015-10077	accepté
220453	dimtion Shaarlier Tag TagsSource.java createTag sql injection	VulDB	VulDB	08/02/2023	09/03/2023	CVE-2015-10076	accepté
220219	Custom-Content-Width custom-content-width.php register_settings cross site scripting	VulDB	VulDB	06/02/2023	05/03/2023	CVE-2015-10075	accepté
220218	OpenSeaMap online_chart index.php init cross site scripting	VulDB	VulDB	06/02/2023	05/03/2023	CVE-2015-10074	accepté
220215	tinymighty WikiSEO Meta Property Tag WikiSEO.body.php modifyHTML cross site scripting	VulDB	VulDB	05/02/2023	05/03/2023	CVE-2015-10073	accepté
220060	NREL api-umbrella-web Flash Message cross site scripting	VulDB	VulDB	02/02/2023	04/03/2023	CVE-2015-10072	accepté
218951	gitter-badger ezpublish-modern-legacy forgotpassword.php elévation de privilèges	VulDB	VulDB	18/01/2023	15/02/2023	CVE-2015-10071	accepté
218897	copperwall Twiddit index.php sql injection	VulDB	VulDB	18/01/2023	15/02/2023	CVE-2015-10070	accepté
218896	viakondratiuk cash-machine machine.py update_failed_attempts sql injection	VulDB	VulDB	18/01/2023	15/02/2023	CVE-2015-10069	accepté
218476	danynab movify-j ReviewServiceImpl.java getByMovieId sql injection	VulDB	VulDB	17/01/2023	09/02/2023	CVE-2015-10068	accepté
218463	oznetmaster SSharpSmartThreadPool SmartThreadPool.cs Privilege Escalation	VulDB	VulDB	17/01/2023	09/02/2023	CVE-2015-10067	accepté
218462	tynx wuersch Store.class.php getByCustomQuery sql injection	VulDB	VulDB	17/01/2023	09/02/2023	CVE-2015-10066	accepté
218458	AenBleidd FiND my_validator.cpp init_result buffer overflow	VulDB	VulDB	16/01/2023	09/02/2023	CVE-2015-10065	accepté
218455	VictorFerraresi pokemon-database-php sql injection	VulDB	VulDB	16/01/2023	09/02/2023	CVE-2015-10064	accepté
218453	saemorris TheRadSystem _login.php redirect sql injection	VulDB	VulDB	16/01/2023	09/02/2023	CVE-2015-10063	accepté
218451	galaxy-data-resource Command Line Template elévation de privilèges	VulDB	VulDB	16/01/2023	09/02/2023	CVE-2015-10062	accepté
218427	evandro-machado Trabalho-Web2 ClienteDAO.java sql injection	VulDB	VulDB	16/01/2023	08/02/2023	CVE-2015-10061	accepté
218417	MNBikeways database views.py sql injection	VulDB	VulDB	16/01/2023	08/02/2023	CVE-2015-10060	accepté
218416	s134328 Webapplication-Veganguide apiService.js cross site scripting	VulDB	VulDB	16/01/2023	08/02/2023	CVE-2015-10059	accepté
218415	Wikisource Category Browser index.php cross site scripting	VulDB	VulDB	16/01/2023	08/02/2023	CVE-2015-10058	accepté
218401	Little Apps Little Software Stats Password Reset class.securelogin.php elévation de privilèges	VulDB	VulDB	15/01/2023	07/02/2023	CVE-2015-10057	accepté
218400	2071174A vinylmap views.py contact sql injection	VulDB	VulDB	15/01/2023	07/02/2023	CVE-2015-10056	accepté
218399	PictureThisWebServer user.js router.post sql injection	VulDB	VulDB	15/01/2023	07/02/2023	CVE-2015-10055	accepté
218397	githuis P2Manage Database.cs Execute sql injection	VulDB	VulDB	15/01/2023	07/02/2023	CVE-2015-10054	accepté
218394	prodigasistemas curupira passwords_controller.rb sql injection	VulDB	VulDB	15/01/2023	07/02/2023	CVE-2015-10053	accepté
218380	ssn2013 cis450Project AddAppUser.java addUser sql injection	VulDB	VulDB	14/01/2023	07/02/2023	CVE-2015-10020	accepté
218379	calesanz gibb-modul-151 login Redirect	VulDB	VulDB	14/01/2023	07/02/2023	CVE-2015-10052	accepté
218378	bony2023 Discussion-Board main.php display_all_replies sql injection	VulDB	VulDB	14/01/2023	07/02/2023	CVE-2015-10051	accepté
218374	brandonfire miRNA_Database_by_PHP_MySql model.php count_rna sql injection	VulDB	VulDB	14/01/2023	07/02/2023	CVE-2015-10050	accepté
218372	Overdrive Eletrônica course-builder oeditor.html cross site scripting	VulDB	VulDB	14/01/2023	07/02/2023	CVE-2015-10049	accepté
218357	bmattoso desafio_buzz_woody sql injection	VulDB	VulDB	14/01/2023	07/02/2023	CVE-2015-10048	accepté
218355	KYUUBl school-register DBManager.java sql injection	VulDB	VulDB	14/01/2023	07/02/2023	CVE-2015-10047	accepté
218353	lolfeedback sql injection	VulDB	VulDB	14/01/2023	07/02/2023	CVE-2015-10046	accepté
218352	tutrantta project_todolist Database.php update sql injection	VulDB	VulDB	14/01/2023	07/02/2023	CVE-2015-10045	accepté
218350	gophergala sqldump sql injection	VulDB	VulDB	14/01/2023	07/02/2023	CVE-2015-10044	accepté
218307	abreen Apollo directory traversal	VulDB	VulDB	13/01/2023	07/02/2023	CVE-2015-10043	accepté
218305	Dovgalyuk AIBattle procedures.php registerUser sql injection	VulDB	VulDB	13/01/2023	07/02/2023	CVE-2015-10042	accepté
218304	Dovgalyuk AIBattle procedures.php sendComments sql injection	VulDB	VulDB	13/01/2023	07/02/2023	CVE-2015-10041	accepté
218302	gitlearn Escape Sequence config.sh getOutOf elévation de privilèges	VulDB	VulDB	13/01/2023	07/02/2023	CVE-2015-10040	accepté
218024	dobos domino EntityFactory.cs sql injection	VulDB	VulDB	11/01/2023	04/02/2023	CVE-2015-10039	accepté
218023	nym3r0s pplv2 sql injection	VulDB	VulDB	11/01/2023	04/02/2023	CVE-2015-10038	accepté
217965	ACI_Escola sql injection	VulDB	VulDB	11/01/2023	01/02/2023	CVE-2015-10037	accepté
217951	kylebebak dronfelipe sql injection	VulDB	VulDB	11/01/2023	01/02/2023	CVE-2015-10036	accepté
217715	gperson angular-test-reporter data-server.js addTest sql injection	VulDB	VulDB	09/01/2023	30/01/2023	CVE-2015-10035	accepté
217714	j-nowak workout-organizer sql injection	VulDB	VulDB	09/01/2023	30/01/2023	CVE-2015-10034	accepté
217713	jvvlee MerlinsBoard Grade elévation de privilèges	VulDB	VulDB	09/01/2023	30/01/2023	CVE-2015-10033	accepté
217663	HealthMateWeb createaccount.php cross site scripting	VulDB	VulDB	09/01/2023	30/01/2023	CVE-2015-10032	accepté