|
286211
|
- |
|
ganesha_digital_library_project
|
ganesha_digital_library
|
Multiple directory traversal vulnerabilities in class/session.php in Ganesha Digital Library (GDL) 4.2 allow remote attackers to read arbitrary files via a .. (dot dot) in the (1) newlang or (2) newt…
|
CWE-22
Path Traversal
|
CVE-2014-100029
|
2024-11-21 11:03 |
2015-01-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
286212
|
- |
|
webcrafted_project
|
webcrafted
|
Cross-site scripting (XSS) vulnerability in /signup in WEBCrafted allows remote attackers to inject arbitrary web script or HTML via the username.
|
CWE-79
Cross-site Scripting
|
CVE-2014-100028
|
2024-11-21 11:03 |
2015-01-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
286213
|
- |
|
getusedtoit
|
wp_slimstat
|
Cross-site scripting (XSS) vulnerability in the WP SlimStat plugin before 3.5.6 for WordPress allows remote attackers to inject arbitrary web script or HTML via a crafted URL.
|
CWE-79
Cross-site Scripting
|
CVE-2014-100027
|
2024-11-21 11:03 |
2015-01-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
286214
|
- |
|
april\'s_super_functions_pack_project
|
april\'s_super_functions_pack
|
Cross-site scripting (XSS) vulnerability in readme.php in the April's Super Functions Pack plugin before 1.4.8 for WordPress allows remote attackers to inject arbitrary web script or HTML via the pag…
|
CWE-79
Cross-site Scripting
|
CVE-2014-100026
|
2024-11-21 11:03 |
2015-01-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
286215
|
- |
|
savsoft_technologies
|
savsoft_quiz
|
Cross-site request forgery (CSRF) vulnerability in index.php/user_data/insert_user in Savsoft Quiz allows remote attackers to hijack the authentication of administrators for requests that create an a…
|
CWE-352
Origin Validation Error
|
CVE-2014-100025
|
2024-11-21 11:03 |
2015-01-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
286216
|
- |
|
seopanel
|
seo_panel
|
Cross-site scripting (XSS) vulnerability in Seo Panel before 3.4.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2014-100024
|
2024-11-21 11:03 |
2015-01-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
286217
|
- |
|
mtouch_quiz_project
|
mtouch_quiz
|
Multiple cross-site scripting (XSS) vulnerabilities in question.php in the mTouch Quiz before 3.0.7 for WordPress allow remote attackers to inject arbitrary web script or HTML via the quiz parameter …
|
CWE-79
Cross-site Scripting
|
CVE-2014-100023
|
2024-11-21 11:03 |
2015-01-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
286218
|
- |
|
mtouch_quiz_project
|
mtouch_quiz
|
SQL injection vulnerability in question.php in the mTouch Quiz before 3.0.7 for WordPress allows remote attackers to execute arbitrary SQL commands via the quiz parameter to wp-admin/edit.php.
|
CWE-89
SQL Injection
|
CVE-2014-100022
|
2024-11-21 11:03 |
2015-01-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
286219
|
- |
|
orangehrm
|
orangehrm
|
Cross-site scripting (XSS) vulnerability in symfony/web/index.php/pim/viewEmployeeList in OrangeHRM before 3.1.2 allows remote attackers to inject arbitrary web script or HTML via the empsearch[emplo…
|
CWE-79
Cross-site Scripting
|
CVE-2014-100021
|
2024-11-21 11:03 |
2015-01-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
286220
|
- |
|
itechscripts
|
itechclassifieds
|
SQL injection vulnerability in ChangeEmail.php in iTechClassifieds 3.03.057 allows remote attackers to execute arbitrary SQL commands via the PreviewNum parameter. NOTE: the CatID parameter is alrea…
|
CWE-89
SQL Injection
|
CVE-2014-100020
|
2024-11-21 11:03 |
2015-01-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
