|
290671
|
- |
|
otrs
|
otrs
|
Cross-site scripting (XSS) vulnerability in Open Ticket Request System (OTRS) 3.1.x before 3.1.20, 3.2.x before 3.2.15, and 3.3.x before 3.3.5 allows remote attackers to inject arbitrary web script o…
|
CWE-79
Cross-site Scripting
|
CVE-2014-1695
|
2024-11-21 11:04 |
2014-03-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290672
|
- |
|
openwebanalytics
|
open_web_analytics
|
Cross-site scripting (XSS) vulnerability in the login page in Open Web Analytics (OWA) before 1.5.6 allows remote attackers to inject arbitrary web script or HTML via the owa_user_id parameter to ind…
|
CWE-79
Cross-site Scripting
|
CVE-2014-1456
|
2024-11-21 11:04 |
2014-03-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290673
|
- |
|
linux
canonical
|
linux_kernel
ubuntu_linux
|
The help function in net/netfilter/nf_nat_irc.c in the Linux kernel before 3.12.8 allows remote attackers to obtain sensitive information from kernel memory by establishing an IRC DCC session in whic…
|
CWE-200
Information Exposure
|
CVE-2014-1690
|
2024-11-21 11:04 |
2014-02-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290674
|
- |
|
i-doit
|
i-doit
|
SQL injection vulnerability in the CMDB web application in synetics i-doit pro before 1.2.5 and i-doit open allows remote attackers to execute arbitrary SQL commands via the objID parameter to the de…
|
CWE-89
SQL Injection
|
CVE-2014-1597
|
2024-11-21 11:04 |
2014-02-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290675
|
- |
|
bandisoft
|
bandizip
|
Untrusted search path vulnerability in Bandisoft Bandizip before 3.10 allows local users to gain privileges via a Trojan horse dwmapi.dll file in the current working directory.
|
NVD-CWE-Other
|
CVE-2014-1680
|
2024-11-21 11:04 |
2014-02-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290676
|
- |
|
blackberry
|
enterprise_server
blackberry_enterprise_service
enterprise_server_express
blackberry_universal_device_service
|
BlackBerry Enterprise Service 10 before 10.2.1, Universal Device Service 6, Enterprise Server Express for Domino through 5.0.4, Enterprise Server Express for Exchange through 5.0.4, Enterprise Server…
|
CWE-255
Credentials Management
|
CVE-2014-1467
|
2024-11-21 11:04 |
2014-02-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290677
|
- |
|
doorgets
|
doorgets_cms
|
SQL injection vulnerability in dg-admin/index.php in doorGets CMS 5.2 and earlier allows remote authenticated administrators to execute arbitrary SQL commands via the _position_down_id parameter. NO…
|
CWE-89
SQL Injection
|
CVE-2014-1459
|
2024-11-21 11:04 |
2014-02-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290678
|
- |
|
auracms
|
auracms
|
Multiple SQL injection vulnerabilities in AuraCMS 2.3 and earlier allow remote authenticated users to execute arbitrary SQL commands via the (1) search parameter to mod/content/content.php or (2) CLI…
|
CWE-89
SQL Injection
|
CVE-2014-1401
|
2024-11-21 11:04 |
2014-02-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290679
|
- |
|
siemens
|
simatic_wincc_open_architecture
|
Siemens SIMATIC WinCC OA before 3.12 P002 January allows remote attackers to cause a denial of service (monitoring-service outage) via malformed HTTP requests to port 4999.
|
CWE-399
Resource Management Errors
|
CVE-2014-1699
|
2024-11-21 11:04 |
2014-02-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290680
|
- |
|
siemens
|
simatic_wincc_open_architecture
|
Directory traversal vulnerability in Siemens SIMATIC WinCC OA before 3.12 P002 January allows remote attackers to read arbitrary files via crafted packets to TCP port 4999.
|
CWE-22
Path Traversal
|
CVE-2014-1698
|
2024-11-21 11:04 |
2014-02-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
