|
281671
|
- |
|
pmb_services
|
pmb
|
SQL injection vulnerability in classes/mono_display.class.php in PMB 4.1.3 and earlier allows remote authenticated users to execute arbitrary SQL commands via the id parameter to catalog.php.
|
CWE-89
SQL Injection
|
CVE-2014-9457
|
2024-11-21 11:20 |
2015-01-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281672
|
- |
|
don_ho
|
notepad\+\+
|
Buffer overflow in NotePad++ 6.6.9 allows remote attackers to have unspecified impact via a long Time attribute in an Event element in an XML file. NOTE: this issue was originally incorrectly mapped…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-9456
|
2024-11-21 11:20 |
2015-01-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281673
|
- |
|
cts_projects\&software
|
classad
|
SQL injection vulnerability in showads.php in CTS Projects & Software ClassAd 3.0 allows remote attackers to execute arbitrary SQL commands via the catid parameter.
|
CWE-89
SQL Injection
|
CVE-2014-9455
|
2024-11-21 11:20 |
2015-01-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281674
|
- |
|
simple_sticky_footer_project
|
simple_sticky_footer
|
Multiple cross-site request forgery (CSRF) vulnerabilities in the Simple Sticky Footer plugin before 1.3.3 for WordPress allow remote attackers to hijack the authentication of administrators for requ…
|
CWE-352
Origin Validation Error
|
CVE-2014-9454
|
2024-11-21 11:20 |
2015-01-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281675
|
- |
|
simple_visitor_stat_project
|
simple_visitor_stat
|
Multiple cross-site scripting (XSS) vulnerabilities in simple-visitor-stat.php in the Simple visitor stat plugin for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1…
|
CWE-79
Cross-site Scripting
|
CVE-2014-9453
|
2024-11-21 11:20 |
2015-01-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281676
|
- |
|
vdgsecurity
|
vdg_sense
|
Directory traversal vulnerability in VDG Security SENSE (formerly DIVA) 2.3.13 allows remote attackers to read arbitrary files via a .. (dot dot) in the default URI to images/.
|
CWE-22
Path Traversal
|
CVE-2014-9452
|
2024-11-21 11:20 |
2015-01-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281677
|
- |
|
vdgsecurity
|
vdg_sense
|
Multiple stack-based buffer overflows in the DIVA web service API (/webservice) in VDG Security SENSE (formerly DIVA) 2.3.13 allow remote attackers to execute arbitrary code via the (1) user or (2) p…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-9451
|
2024-11-21 11:20 |
2015-01-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281678
|
- |
|
zabbix
|
zabbix
|
Multiple SQL injection vulnerabilities in chart_bar.php in the frontend in Zabbix before 1.8.22, 2.0.x before 2.0.14, and 2.2.x before 2.2.8 allow remote attackers to execute arbitrary SQL commands v…
|
CWE-89
SQL Injection
|
CVE-2014-9450
|
2024-11-21 11:20 |
2015-01-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281679
|
- |
|
exiv2
fedoraproject
|
exiv2
fedora
|
Buffer overflow in the RiffVideo::infoTagsHandler function in riffvideo.cpp in Exiv2 0.24 allows remote attackers to cause a denial of service (crash) via a long IKEY INFO tag value in an AVI file.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-9449
|
2024-11-21 11:20 |
2015-01-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281680
|
- |
|
mini-stream
|
rm-mp3_converter
|
Buffer overflow in Mini-stream RM-MP3 Converter 3.1.2.1.2010.03.30 allows remote attackers to execute arbitrary code or cause a denial of service (crash) via a long string in a WAX file.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-9448
|
2024-11-21 11:20 |
2015-01-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
