|
292461
|
- |
|
dlink
|
dap-1360_firmware
|
Multiple cross-site request forgery (CSRF) vulnerabilities in D-Link DAP-1360 with firmware 2.5.4 and earlier allow remote attackers to hijack the authentication of unspecified users for requests tha…
|
CWE-352
Origin Validation Error
|
CVE-2014-10025
|
2024-11-21 11:03 |
2015-01-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292462
|
- |
|
divx
|
directshowdemuxfilter
player
web_player
|
Multiple integer signedness errors in DirectShowDemuxFilter, as used in Divx Web Player, Divx Player, and other Divx plugins, allow remote attackers to execute arbitrary code via a (1) negative or (2…
|
CWE-189
Numeric Errors
|
CVE-2014-10024
|
2024-11-21 11:03 |
2015-01-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292463
|
- |
|
topicsviewer
|
topicsviewer
|
Multiple SQL injection vulnerabilities in TopicsViewer 3.0 Beta 1 allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) edit_block.php, (2) edit_cat.php, (3) edit_note.…
|
CWE-89
SQL Injection
|
CVE-2014-10023
|
2024-11-21 11:03 |
2015-01-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292464
|
- |
|
apache
|
traffic_server
|
Apache Traffic Server before 5.1.2 allows remote attackers to cause a denial of service via unspecified vectors, related to internal buffer sizing.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-10022
|
2024-11-21 11:03 |
2015-01-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292465
|
- |
|
wpsymposiumpro
|
wp_symposium
|
Unrestricted file upload vulnerability in UploadHandler.php in the WP Symposium plugin 14.11 for WordPress allows remote attackers to execute arbitrary code by uploading a file with an executable ext…
|
NVD-CWE-Other
|
CVE-2014-10021
|
2024-11-21 11:03 |
2015-01-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292466
|
- |
|
tecorange
|
simple_e-document
|
SQL injection vulnerability in login.php in Simple e-document 1.31 allows remote attackers to execute arbitrary SQL commands via the username parameter.
|
CWE-89
SQL Injection
|
CVE-2014-10020
|
2024-11-21 11:03 |
2015-01-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292467
|
- |
|
teracom
|
t2-b-gawv1.4u10y-bi
|
Multiple cross-site request forgery (CSRF) vulnerabilities in webconfig/wlan/country.html/country in the Teracom T2-B-Gawv1.4U10Y-BI modem allow remote attackers to hijack the authentication of admin…
|
CWE-352
Origin Validation Error
|
CVE-2014-10019
|
2024-11-21 11:03 |
2015-01-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292468
|
- |
|
teracom
|
t2-b-gawv1.4u10y-bi
|
Cross-site scripting (XSS) vulnerability in webconfig/wlan/country.html/country in the Teracom T2-B-Gawv1.4U10Y-BI modem allows remote attackers to inject arbitrary web script or HTML via the essid p…
|
CWE-79
Cross-site Scripting
|
CVE-2014-10018
|
2024-11-21 11:03 |
2015-01-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292469
|
- |
|
welcart
|
e-commerce
|
Multiple SQL injection vulnerabilities in the Welcart e-Commerce plugin 1.3.12 for WordPress allow remote attackers to execute arbitrary SQL commands via the (1) changeSort or (2) switch parameter in…
|
CWE-89
SQL Injection
|
CVE-2014-10017
|
2024-11-21 11:03 |
2015-01-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292470
|
- |
|
welcart
|
e-commerce
|
Multiple cross-site scripting (XSS) vulnerabilities in the Welcart e-Commerce plugin 1.3.12 for WordPress allow remote attackers to inject arbitrary web script or HTML via (1) unspecified vectors rel…
|
CWE-79
Cross-site Scripting
|
CVE-2014-10016
|
2024-11-21 11:03 |
2015-01-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
