|
289481
|
- |
|
sap
|
supplier_relationship_management
|
Open redirect vulnerability in in la/umTestSSO.jsp in SAP Supplier Relationship Management (SRM) allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a …
|
NVD-CWE-Other
|
CVE-2014-4159
|
2024-11-21 11:09 |
2014-06-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289482
|
- |
|
senkas
|
kolibri
|
Stack-based buffer overflow in Kolibri 2.0 allows remote attackers to execute arbitrary code via a long URI in a GET request.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-4158
|
2024-11-21 11:09 |
2014-06-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289483
|
- |
|
isc
|
bind
|
libdns in ISC BIND 9.10.0 before P2 does not properly handle EDNS options, which allows remote attackers to cause a denial of service (REQUIRE assertion failure and daemon exit) via a crafted packet,…
|
CWE-20
Improper Input Validation
|
CVE-2014-3859
|
2024-11-21 11:09 |
2014-06-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289484
|
- |
|
ckeditor
|
fckeditor
|
Cross-site scripting (XSS) vulnerability in editor/dialog/fck_spellerpages/spellerpages/server-scripts/spellchecker.php in FCKeditor before 2.6.11 and earlier allows remote attackers to inject arbitr…
|
CWE-79
Cross-site Scripting
|
CVE-2014-4037
|
2024-11-21 11:09 |
2014-06-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289485
|
- |
|
impresscms
|
impresscms
|
Cross-site scripting (XSS) vulnerability in modules/system/admin.php in ImpressCMS 1.3.6.1 allows remote attackers to inject arbitrary web script or HTML via the query parameter in a listimg action.
|
CWE-79
Cross-site Scripting
|
CVE-2014-4036
|
2024-11-21 11:09 |
2014-06-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289486
|
- |
|
bestsoftinc
|
advance_hotel_booking_system
|
Cross-site scripting (XSS) vulnerability in booking_details.php in Best Soft Inc. (BSI) Advance Hotel Booking System 2.0 allows remote attackers to inject arbitrary web script or HTML via the title p…
|
CWE-79
Cross-site Scripting
|
CVE-2014-4035
|
2024-11-21 11:09 |
2014-06-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289487
|
- |
|
aas9
|
zerocms
|
SQL injection vulnerability in zero_view_article.php in ZeroCMS 1.0 allows remote attackers to execute arbitrary SQL commands via the article_id parameter.
|
CWE-89
SQL Injection
|
CVE-2014-4034
|
2024-11-21 11:09 |
2014-06-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289488
|
- |
|
efrontlearning
|
efront
|
Cross-site scripting (XSS) vulnerability in libraries/includes/personal/profile.php in Epignosis eFront 3.6.14.4 allows remote attackers to inject arbitrary web script or HTML via the surname paramet…
|
CWE-79
Cross-site Scripting
|
CVE-2014-4033
|
2024-11-21 11:09 |
2014-06-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289489
|
- |
|
fiyo
|
fiyo_cms
|
Cross-site scripting (XSS) vulnerability in apps/app_comment/form_comment.php in Fiyo CMS 1.5.7 allows remote attackers to inject arbitrary web script or HTML via the Nama field.
|
CWE-79
Cross-site Scripting
|
CVE-2014-4032
|
2024-11-21 11:09 |
2014-06-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289490
|
- |
|
daiki_ueno
|
libfep
|
libfep 0.0.5 before 0.1.0 does not properly use UNIX domain sockets in the abstract namespace, which allows local users to gain privileges via unspecified vectors.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-3980
|
2024-11-21 11:09 |
2014-06-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
