|
282471
|
- |
|
mantisbt
|
mantisbt
|
The XML Import/Export plugin in MantisBT 1.2.x does not restrict access, which allows remote attackers to (1) upload arbitrary XML files via the import page or (2) obtain sensitive information via th…
|
CWE-19
Data Processing Errors
|
CVE-2014-8598
|
2024-11-21 11:19 |
2014-11-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282472
|
- |
|
freebsd
|
freebsd
|
FreeBSD 9.1, 9.2, and 10.0, when compiling OpenSSH with Kerberos support, uses incorrect library ordering when linking sshd, which causes symbols to be resolved incorrectly and allows remote attacker…
|
CWE-17
Code
|
CVE-2014-8475
|
2024-11-21 11:19 |
2014-11-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282473
|
- |
|
codecanyon
|
phpsound
|
Multiple cross-site scripting (XSS) vulnerabilities in phpSound 1.0.5 allow remote attackers to inject arbitrary web script or HTML via the (1) Title or (2) Description fields in a playlist or the (3…
|
CWE-79
Cross-site Scripting
|
CVE-2014-8954
|
2024-11-21 11:19 |
2014-11-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282474
|
- |
|
phpscriptlerim
|
php_scriptlerim_who\'s_who
|
Multiple cross-site request forgery (CSRF) vulnerabilities in Php Scriptlerim Who's Who script allow remote attackers to hijack the authentication of administrators or requests that (1) add an admin …
|
CWE-352
Origin Validation Error
|
CVE-2014-8953
|
2024-11-21 11:19 |
2014-11-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282475
|
- |
|
phpmemcachedadmin_project
|
phpmemcachedadmin
|
Cross-site scripting (XSS) vulnerability in phpMemcachedAdmin 1.2.2 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2014-8732
|
2024-11-21 11:19 |
2014-11-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282476
|
- |
|
f5
|
big-ip_local_traffic_manager
|
Multiple directory traversal vulnerabilities in F5 BIG-IP before 10.2.2 allow local users with the "Resource Administrator" or "Administrator" role to enumerate and delete arbitrary files via a .. (d…
|
CWE-22
Path Traversal
|
CVE-2014-8727
|
2024-11-21 11:19 |
2014-11-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282477
|
- |
|
php-fusion
|
php-fusion
|
Multiple SQL injection vulnerabilities in PHP-Fusion 7.02.07 allow remote authenticated users to execute arbitrary SQL commands via the (1) submit_id parameter in a 2 action to files/administration/s…
|
CWE-89
SQL Injection
|
CVE-2014-8596
|
2024-11-21 11:19 |
2014-11-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282478
|
- |
|
apple
netbsd
|
mac_os_x
netbsd
|
The fetch_url function in usr.bin/ftp/fetch.c in tnftp, as used in NetBSD 5.1 through 5.1.4, 5.2 through 5.2.2, 6.0 through 6.0.6, and 6.1 through 6.1.5 allows remote attackers to execute arbitrary c…
|
CWE-77
Command Injection
|
CVE-2014-8517
|
2024-11-21 11:19 |
2014-11-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282479
|
- |
|
manageengine
|
password_manager_pro
|
Multiple SQL injection vulnerabilities in ManageEngine Password Manager Pro (PMP) and Password Manager Pro Managed Service Providers (MSP) edition before 7.1 build 7105 allow remote authenticated use…
|
CWE-89
SQL Injection
|
CVE-2014-8499
|
2024-11-21 11:19 |
2014-11-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282480
|
- |
|
zohocorp
|
manageengine_password_manager_pro
|
SQL injection vulnerability in BulkEditSearchResult.cc in ManageEngine Password Manager Pro (PMP) and Password Manager Pro Managed Service Providers (MSP) edition before 7.1 build 7105 allows remote …
|
CWE-89
SQL Injection
|
CVE-2014-8498
|
2024-11-21 11:19 |
2014-11-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
