|
277951
|
- |
|
videolan
|
vlc_media_player
|
Cross-site scripting (XSS) vulnerability in the httpd_HtmlError function in network/httpd.c in the web interface in VideoLAN VLC Media Player before 2.2.0 allows remote attackers to inject arbitrary …
|
CWE-79
Cross-site Scripting
|
CVE-2014-9743
|
2024-11-21 11:21 |
2015-08-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277952
|
- |
|
gehealthcare
|
centricity_clinical_archive_audit_trail_repository
|
GE Healthcare Centricity Clinical Archive Audit Trail Repository has a default password of initinit for the (1) SSL key manager and (2) server keystore; (3) keystore_password for the server truststor…
|
CWE-255
Credentials Management
|
CVE-2014-9736
|
2024-11-21 11:21 |
2015-08-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277953
|
- |
|
esri
|
arcgis_for_engine
arcgis_for_desktop
arcgis_server
|
Multiple cross-site scripting (XSS) vulnerabilities in ESRI ArcGIS for Desktop, ArcGIS for Engine, and ArcGIS for Server 10.2.2 and earlier allow remote attackers to inject arbitrary web script or HT…
|
CWE-79
Cross-site Scripting
|
CVE-2014-9741
|
2024-11-21 11:21 |
2015-07-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277954
|
- |
|
rules_link_project
|
rules_link
|
Cross-site scripting (XSS) vulnerability in the Rules Link module 7.x-1.x before 7.x-1.1 for Drupal allows remote authenticated users with the "administer rules links" permission to inject arbitrary …
|
CWE-79
Cross-site Scripting
|
CVE-2014-9740
|
2024-11-21 11:21 |
2015-07-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277955
|
- |
|
node_field_project
|
node_field
|
Cross-site scripting (XSS) vulnerability in the Node Field module 7.x-2.x before 7.x-2.45 for Drupal allows remote authenticated users with certain permissions to inject arbitrary web script or HTML …
|
CWE-79
Cross-site Scripting
|
CVE-2014-9739
|
2024-11-21 11:21 |
2015-07-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277956
|
- |
|
tournament_project
|
tournament
|
Multiple cross-site scripting (XSS) vulnerabilities in the Tournament module 7.x-1.x before 7.x-1.2 for Drupal allow remote authenticated users with certain permissions to inject arbitrary web script…
|
CWE-79
Cross-site Scripting
|
CVE-2014-9738
|
2024-11-21 11:21 |
2015-07-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277957
|
- |
|
language_switcher_dropdown_project
|
language_switcher_dropdown
|
Open redirect vulnerability in the Language Switcher Dropdown module 7.x-1.x before 7.x-1.4 for Drupal allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks vi…
|
NVD-CWE-Other
|
CVE-2014-9737
|
2024-11-21 11:21 |
2015-07-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277958
|
- |
|
themepunch
|
showbiz_pro
slider_revolution
|
The ThemePunch Slider Revolution (revslider) plugin before 3.0.96 for WordPress and Showbiz Pro plugin 1.7.1 and earlier for Wordpress does not properly restrict access to administrator AJAX function…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-9735
|
2024-11-21 11:21 |
2015-06-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277959
|
- |
|
themepunch
|
slider_revolution
|
Directory traversal vulnerability in the Slider Revolution (revslider) plugin before 4.2 for WordPress allows remote attackers to read arbitrary files via a .. (dot dot) in the img parameter in a rev…
|
CWE-22
Path Traversal
|
CVE-2014-9734
|
2024-11-21 11:21 |
2015-06-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277960
|
- |
|
libmspack_project
|
libmspack
|
The cabd_extract function in cabd.c in libmspack before 0.5 does not properly maintain decompression callbacks in certain cases where an invalid file follows a valid file, which allows remote attacke…
|
NVD-CWE-Other
|
CVE-2014-9732
|
2024-11-21 11:21 |
2015-06-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
