|
289211
|
- |
|
limesurvey
|
limesurvey
|
Incomplete blacklist vulnerability in the autoEscape function in common_helper.php in LimeSurvey 2.05+ Build 140618 allows remote attackers to conduct cross-site scripting (XSS) attacks via the GBK c…
|
NVD-CWE-Other
|
CVE-2014-5018
|
2024-11-21 11:11 |
2014-07-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289212
|
- |
|
limesurvey
|
limesurvey
|
SQL injection vulnerability in CPDB in application/controllers/admin/participantsaction.php in LimeSurvey 2.05+ Build 140618 allows remote attackers to execute arbitrary SQL commands via the sidx par…
|
CWE-89
SQL Injection
|
CVE-2014-5017
|
2024-11-21 11:11 |
2014-07-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289213
|
- |
|
limesurvey
|
limesurvey
|
Multiple cross-site scripting (XSS) vulnerabilities in LimeSurvey 2.05+ Build 140618 allow remote attackers to inject arbitrary web script or HTML via (1) the pid attribute to the getAttribute_json f…
|
CWE-79
Cross-site Scripting
|
CVE-2014-5016
|
2024-11-21 11:11 |
2014-07-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289214
|
- |
|
joomlaboat
|
com_youtubegallery
|
Multiple SQL injection vulnerabilities in models\gallery.php in Youtube Gallery (com_youtubegallery) component 4.x through 4.1.7, and possibly 3.x, for Joomla! allow remote attackers to execute arbit…
|
CWE-89
SQL Injection
|
CVE-2014-4960
|
2024-11-21 11:11 |
2014-07-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289215
|
- |
|
opensuse
phpmyadmin
|
opensuse
phpmyadmin
|
server_user_groups.php in phpMyAdmin 4.1.x before 4.1.14.2 and 4.2.x before 4.2.6 allows remote authenticated users to bypass intended access restrictions and read the MySQL user list via a viewUsers…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-4987
|
2024-11-21 11:11 |
2014-07-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289216
|
- |
|
phpmyadmin
|
phpmyadmin
|
Multiple cross-site scripting (XSS) vulnerabilities in js/functions.js in phpMyAdmin 4.0.x before 4.0.10.1, 4.1.x before 4.1.14.2, and 4.2.x before 4.2.6 allow remote authenticated users to inject ar…
|
CWE-79
Cross-site Scripting
|
CVE-2014-4986
|
2024-11-21 11:11 |
2014-07-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289217
|
- |
|
phpmyadmin
|
phpmyadmin
|
Cross-site scripting (XSS) vulnerability in the PMA_TRI_getRowForList function in libraries/rte/rte_list.lib.php in phpMyAdmin 4.0.x before 4.0.10.1, 4.1.x before 4.1.14.2, and 4.2.x before 4.2.6 all…
|
CWE-79
Cross-site Scripting
|
CVE-2014-4955
|
2024-11-21 11:11 |
2014-07-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289218
|
- |
|
phpmyadmin
|
phpmyadmin
|
Cross-site scripting (XSS) vulnerability in the PMA_getHtmlForActionLinks function in libraries/structure.lib.php in phpMyAdmin 4.2.x before 4.2.6 allows remote authenticated users to inject arbitrar…
|
CWE-79
Cross-site Scripting
|
CVE-2014-4954
|
2024-11-21 11:11 |
2014-07-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289219
|
- |
|
linux
suse
opensuse
redhat
debian
|
linux_kernel
linux_enterprise_desktop
linux_enterprise_server
opensuse
enterprise_linux_server_aus
debian_linux
|
The PPPoL2TP feature in net/l2tp/l2tp_ppp.c in the Linux kernel through 3.15.6 allows local users to gain privileges by leveraging data-structure differences between an l2tp socket and an inet socket.
|
CWE-269
Improper Privilege Management
|
CVE-2014-4943
|
2024-11-21 11:11 |
2014-07-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289220
|
- |
|
sonicwall
|
scrutinizer
|
Multiple SQL injection vulnerabilities in Dell SonicWall Scrutinizer 11.0.1 allow remote authenticated users to execute arbitrary SQL commands via the (1) selectedUserGroup parameter in a create new …
|
CWE-89
SQL Injection
|
CVE-2014-4977
|
2024-11-21 11:11 |
2014-07-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
