|
286091
|
9.8 |
CRITICAL
Network
|
unify
|
openscape_deployment_service
|
SQL injection vulnerability in OpenScape Deployment Service (DLS) before 6.x and 7.x before R1.11.3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
|
CWE-89
SQL Injection
|
CVE-2014-2652
|
2024-11-21 11:06 |
2018-03-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
286092
|
8.8 |
HIGH
Network
|
disable_comments
|
disable_comments_project
|
Cross-site request forgery (CSRF) vulnerability in the Disable Comments plugin before 1.0.4 for WordPress allows remote attackers to hijack the authentication of administrators for requests that enab…
|
CWE-352
Origin Validation Error
|
CVE-2014-2550
|
2024-11-21 11:06 |
2018-03-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
286093
|
6.1 |
MEDIUM
Network
|
videowhisper
|
videowhisper_live_streaming_integration
|
Multiple cross-site scripting (XSS) vulnerabilities in the VideoWhisper Live Streaming Integration plugin 4.29.6 for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1…
|
CWE-79
Cross-site Scripting
|
CVE-2014-2297
|
2024-11-21 11:06 |
2018-03-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
286094
|
9.8 |
CRITICAL
Network
|
arubanetworks
|
web_management_portal
|
Unrestricted file upload vulnerability in Aruba Web Management portal allows remote attackers to execute arbitrary code by uploading a file with an executable extension.
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2014-2592
|
2024-11-21 11:06 |
2018-03-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
286095
|
8.8 |
HIGH
Network
|
x2engine
|
x2crm
|
Unrestricted file upload vulnerability in the ProfileController::actionUploadPhoto method in protected/controllers/ProfileController.php in X2Engine X2CRM before 4.0 allows remote attackers to execut…
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2014-2664
|
2024-11-21 11:06 |
2017-10-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
286096
|
6.1 |
MEDIUM
Network
|
oliver_project
|
oliver
|
Multiple cross-site scripting (XSS) vulnerabilities in Oliver (formerly Webshare) 1.3.1 and earlier allow remote attackers to inject arbitrary web script or HTML via the PATH_INFO to the (1) login pa…
|
CWE-79
Cross-site Scripting
|
CVE-2014-2710
|
2024-11-21 11:06 |
2017-04-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
286097
|
- |
|
php_font_lib_project
|
php_font_lib
|
Cross-site scripting (XSS) vulnerability in www/make_subset.php in PHP Font Lib before 0.3.1 allows remote attackers to inject arbitrary web script or HTML via the name parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2014-2570
|
2024-11-21 11:06 |
2015-09-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
286098
|
- |
|
check_mk_project
|
check_mk
|
Check_MK before 1.2.2p3 and 1.2.3x before 1.2.3i5 allows remote authenticated users to delete arbitrary files via a request to an unspecified link, related to "Insecure Direct Object References." NOT…
|
CWE-20
Improper Input Validation
|
CVE-2014-2332
|
2024-11-21 11:06 |
2015-09-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
286099
|
- |
|
check_mk_project
|
check_mk
|
Check_MK 1.2.2p2, 1.2.2p3, and 1.2.3i5 allows remote authenticated users to execute arbitrary Python code via a crafted rules.mk file in a snapshot. NOTE: this can be exploited by remote attackers b…
|
CWE-94
Code Injection
|
CVE-2014-2331
|
2024-11-21 11:06 |
2015-09-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
286100
|
- |
|
check_mk_project
|
check_mk
|
Multiple cross-site request forgery (CSRF) vulnerabilities in the Multisite GUI in Check_MK before 1.2.5i2 allow remote attackers to hijack the authentication of users for requests that (1) upload ar…
|
CWE-352
Origin Validation Error
|
CVE-2014-2330
|
2024-11-21 11:06 |
2015-09-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
