|
291751
|
- |
|
pomm-project
|
pomm
|
SQL injection vulnerability in the LTree converter in Pomm before 1.1.5 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
|
CWE-89
SQL Injection
|
CVE-2014-100019
|
2024-11-21 11:03 |
2015-01-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291752
|
- |
|
unconfirmed_project
|
unconfirmed
|
Cross-site scripting (XSS) vulnerability in the Unconfirmed plugin before 1.2.5 for WordPress allows remote attackers to inject arbitrary web script or HTML via the s parameter in the unconfirmed pag…
|
CWE-79
Cross-site Scripting
|
CVE-2014-100018
|
2024-11-21 11:03 |
2015-01-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291753
|
- |
|
phponlinechat
|
phponlinechat
|
Cross-site scripting (XSS) vulnerability in canned_opr.php in PhpOnlineChat 3.0 allows remote attackers to inject arbitrary web script or HTML via the message field.
|
CWE-79
Cross-site Scripting
|
CVE-2014-100017
|
2024-11-21 11:03 |
2015-01-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291754
|
- |
|
photocati_media
|
photocrati
|
Cross-site scripting (XSS) vulnerability in photocrati-gallery/ecomm-sizes.php in the Photocrati theme for WordPress allows remote attackers to inject arbitrary web script or HTML via the prod_id par…
|
CWE-79
Cross-site Scripting
|
CVE-2014-100016
|
2024-11-21 11:03 |
2015-01-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291755
|
- |
|
solidworks
|
product_data_management
|
Directory traversal vulnerability in pdmwService.exe in SolidWorks Workgroup PDM 2014 allows remote attackers to write to arbitrary files via a .. (dot dot) in the filename in a file upload.
|
CWE-22
Path Traversal
|
CVE-2014-100015
|
2024-11-21 11:03 |
2015-01-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291756
|
- |
|
solidworks
|
product_data_management
|
Multiple stack-based buffer overflows in pdmwService.exe in SolidWorks Workgroup PDM 2014 SP2 allow remote attackers to execute arbitrary code via a long string in a (1) 2001, (2) 2002, or (3) 2003 o…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-100014
|
2024-11-21 11:03 |
2015-01-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291757
|
- |
|
clientresponse_project
|
clientresponse
|
Multiple cross-site scripting (XSS) vulnerabilities in clientResponse 4.1 allow remote attackers to inject arbitrary web script or HTML via the (1) Subject or (2) Message field.
|
CWE-79
Cross-site Scripting
|
CVE-2014-100013
|
2024-11-21 11:03 |
2015-01-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291758
|
- |
|
sendy
|
sendy
|
SQL injection vulnerability in /app in Sendy 1.1.8.4 allows remote attackers to execute arbitrary SQL commands via the i parameter.
|
CWE-89
SQL Injection
|
CVE-2014-100012
|
2024-11-21 11:03 |
2015-01-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291759
|
- |
|
sendy
|
sendy
|
SQL injection vulnerability in /send-to in Sendy 1.1.9.1 allows remote attackers to execute arbitrary SQL commands via the c parameter.
|
CWE-89
SQL Injection
|
CVE-2014-100011
|
2024-11-21 11:03 |
2015-01-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291760
|
- |
|
fluxbb
|
fluxbb
|
Open redirect vulnerability in forums/login.php in FluxBB before 1.4.13 and 1.5.x before 1.5.7 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL …
|
NVD-CWE-Other
|
CVE-2014-10030
|
2024-11-21 11:03 |
2015-01-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
