Export limit exceeded: 343567 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 343567 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (75167 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2015-9491 | 1 Blessing Premium Responsive Project | 1 Blessing Premium Responsive | 2024-11-21 | 7.5 High |
| The ThemeMakers Blessing Premium Responsive theme through 2015-05-15 for WordPress allows remote attackers to obtain sensitive information (such as user_login, user_pass, and user_email values) via a direct request for the wp-content/uploads/tmm_db_migrate/wp_users.dat URI. | ||||
| CVE-2015-9490 | 1 Gamestheme Premium Project | 1 Gamestheme Premium | 2024-11-21 | 7.5 High |
| The ThemeMakers GamesTheme Premium theme through 2015-05-15 for WordPress allows remote attackers to obtain sensitive information (such as user_login, user_pass, and user_email values) via a direct request for the wp-content/uploads/tmm_db_migrate/wp_users.dat URI. | ||||
| CVE-2015-9489 | 1 Goodnex Premium Responsive Project | 1 Goodnex Premium Responsive | 2024-11-21 | 7.5 High |
| The ThemeMakers Goodnex Premium Responsive theme through 2015-05-15 for WordPress allows remote attackers to obtain sensitive information (such as user_login, user_pass, and user_email values) via a direct request for the wp-content/uploads/tmm_db_migrate/wp_users.dat URI. | ||||
| CVE-2015-9488 | 1 Almera Responsive Portfolio Site Template Project | 1 Almera Responsive Portfolio Site Template | 2024-11-21 | 7.5 High |
| The ThemeMakers Almera Responsive Portfolio Site Template component through 2015-05-15 for WordPress allows remote attackers to obtain sensitive information (such as user_login, user_pass, and user_email values) via a direct request for the wp-content/uploads/tmm_db_migrate/wp_users.dat URI. | ||||
| CVE-2015-9487 | 1 Almera Responsive Portfolio Project | 1 Almera Responsive Portfolio | 2024-11-21 | 7.5 High |
| The ThemeMakers Almera Responsive Portfolio theme through 2015-05-15 for WordPress allows remote attackers to obtain sensitive information (such as user_login, user_pass, and user_email values) via a direct request for the wp-content/uploads/tmm_db_migrate/wp_users.dat URI. | ||||
| CVE-2015-9486 | 1 Axioma Premium Responsive Project | 1 Axioma Premium Responsive | 2024-11-21 | 7.5 High |
| The ThemeMakers Axioma Premium Responsive theme through 2015-05-15 for WordPress allows remote attackers to obtain sensitive information (such as user_login, user_pass, and user_email values) via a direct request for the wp-content/uploads/tmm_db_migrate/wp_users.dat URI. | ||||
| CVE-2015-9485 | 1 Accio Responsive Onepage Parallax Site Template Project | 1 Accio Responsive Onepage Parallax Site Template | 2024-11-21 | 7.5 High |
| The ThemeMakers Accio Responsive Parallax One Page Site Template component through 2015-05-15 for WordPress allows remote attackers to obtain sensitive information (such as user_login, user_pass, and user_email values) via a direct request for the wp-content/uploads/tmm_db_migrate/wp_users.dat URI. | ||||
| CVE-2015-9484 | 1 Accio One Page Parallax Responsive Theme Project | 1 Accio One Page Parallax Responsive Theme | 2024-11-21 | 7.5 High |
| The ThemeMakers Accio One Page Parallax Responsive theme through 2015-05-15 for WordPress allows remote attackers to obtain sensitive information (such as user_login, user_pass, and user_email values) via a direct request for the wp-content/uploads/tmm_db_migrate/wp_users.dat URI. | ||||
| CVE-2015-9483 | 1 Invento \/ Architecture Building Agency Template Project | 1 Invento \/ Architecture Building Agency Template | 2024-11-21 | 7.5 High |
| The ThemeMakers Invento Responsive Gallery/Architecture Template component through 2015-05-15 for WordPress allows remote attackers to obtain sensitive information (such as user_login, user_pass, and user_email values) via a direct request for the wp-content/uploads/tmm_db_migrate/wp_users.dat URI. | ||||
| CVE-2015-9482 | 1 Car Dealer \/ Auto Dealer Responsive Project | 1 Car Dealer \/ Auto Dealer Responsive | 2024-11-21 | 7.5 High |
| The ThemeMakers Car Dealer / Auto Dealer Responsive theme through 2015-05-15 for WordPress allows remote attackers to obtain sensitive information (such as user_login, user_pass, and user_email values) via a direct request for the wp-content/uploads/tmm_db_migrate/wp_users.dat URI. | ||||
| CVE-2015-9481 | 1 Diplomat \| Political Project | 1 Diplomat \| Political | 2024-11-21 | 7.5 High |
| The ThemeMakers Diplomat | Political theme through 2015-05-15 for WordPress allows remote attackers to obtain sensitive information (such as user_login, user_pass, and user_email values) via a direct request for the wp-content/uploads/tmm_db_migrate/wp_users.dat URI. | ||||
| CVE-2015-9480 | 1 Robot-cpa | 1 Robotcpa | 2024-11-21 | 7.5 High |
| The RobotCPA plugin 5 for WordPress has directory traversal via the f.php l parameter. | ||||
| CVE-2015-9477 | 1 Vernissage Project | 1 Vernissage | 2024-11-21 | 8.8 High |
| The Vernissage theme 1.2.8 for WordPress has insufficient restrictions on option updates. | ||||
| CVE-2015-9476 | 1 Teardrop Project | 1 Teardrop | 2024-11-21 | 8.8 High |
| The Teardrop theme 1.8.1 for WordPress has insufficient restrictions on option updates. | ||||
| CVE-2015-9475 | 1 Pont Project | 1 Pont | 2024-11-21 | 8.8 High |
| The Pont theme 1.5 for WordPress has insufficient restrictions on option updates. | ||||
| CVE-2015-9474 | 1 Simpolio Project | 1 Simpolio | 2024-11-21 | 8.8 High |
| The Simpolio theme 1.3.2 for WordPress has insufficient restrictions on option updates. | ||||
| CVE-2015-9473 | 1 Estrutura-basica Project | 1 Estrutura-basica | 2024-11-21 | 7.5 High |
| The estrutura-basica theme through 2015-09-13 for WordPress has directory traversal via the scripts/download.php arquivo parameter. | ||||
| CVE-2015-9470 | 1 Ionadas | 1 History Collection | 2024-11-21 | 7.5 High |
| The history-collection plugin through 1.1.1 for WordPress has directory traversal via the download.php var parameter. | ||||
| CVE-2015-9465 | 1 Yet Another Stars Rating Project | 1 Yet Another Stars Rating | 2024-11-21 | 8.8 High |
| The yet-another-stars-rating plugin before 0.9.1 for WordPress has yasr_get_multi_set_values_and_field SQL injection via the set_id parameter. | ||||
| CVE-2015-9464 | 1 S3bubble | 1 S3bubble-amazon-s3-html-5-video-with-adverts | 2024-11-21 | 7.5 High |
| The s3bubble-amazon-s3-html-5-video-with-adverts plugin 0.7 for WordPress has directory traversal via the adverts/assets/plugins/ultimate/content/downloader.php path parameter. | ||||