|
281561
|
- |
|
vdgsecurity
|
vdg_sense
|
Directory traversal vulnerability in VDG Security SENSE (formerly DIVA) 2.3.13 allows remote attackers to read arbitrary files via a .. (dot dot) in the default URI to images/.
|
CWE-22
Path Traversal
|
CVE-2014-9452
|
2024-11-21 11:20 |
2015-01-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281562
|
- |
|
vdgsecurity
|
vdg_sense
|
Multiple stack-based buffer overflows in the DIVA web service API (/webservice) in VDG Security SENSE (formerly DIVA) 2.3.13 allow remote attackers to execute arbitrary code via the (1) user or (2) p…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-9451
|
2024-11-21 11:20 |
2015-01-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281563
|
- |
|
zabbix
|
zabbix
|
Multiple SQL injection vulnerabilities in chart_bar.php in the frontend in Zabbix before 1.8.22, 2.0.x before 2.0.14, and 2.2.x before 2.2.8 allow remote attackers to execute arbitrary SQL commands v…
|
CWE-89
SQL Injection
|
CVE-2014-9450
|
2024-11-21 11:20 |
2015-01-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281564
|
- |
|
exiv2
fedoraproject
|
exiv2
fedora
|
Buffer overflow in the RiffVideo::infoTagsHandler function in riffvideo.cpp in Exiv2 0.24 allows remote attackers to cause a denial of service (crash) via a long IKEY INFO tag value in an AVI file.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-9449
|
2024-11-21 11:20 |
2015-01-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281565
|
- |
|
mini-stream
|
rm-mp3_converter
|
Buffer overflow in Mini-stream RM-MP3 Converter 3.1.2.1.2010.03.30 allows remote attackers to execute arbitrary code or cause a denial of service (crash) via a long string in a WAX file.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-9448
|
2024-11-21 11:20 |
2015-01-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281566
|
- |
|
elfutils_project
|
elfutils
|
Directory traversal vulnerability in the read_long_names function in libelf/elf_begin.c in elfutils 0.152 and 0.161 allows remote attackers to write to arbitrary files to the root directory via a / (…
|
CWE-22
Path Traversal
|
CVE-2014-9447
|
2024-11-21 11:20 |
2015-01-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281567
|
- |
|
koha
|
koha
|
Multiple cross-site scripting (XSS) vulnerabilities in the Staff client in Koha before 3.16.6 and 3.18.x before 3.18.2 allow remote attackers to inject arbitrary web script or HTML via the sort_by pa…
|
CWE-79
Cross-site Scripting
|
CVE-2014-9446
|
2024-11-21 11:20 |
2015-01-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281568
|
- |
|
installatron
|
gatequest_file_manager
|
SQL injection vulnerability in incl/create.inc.php in Installatron GQ File Manager 0.2.5 allows remote attackers to execute arbitrary SQL commands via the create parameter to index.php. NOTE: this c…
|
CWE-89
SQL Injection
|
CVE-2014-9445
|
2024-11-21 11:20 |
2015-01-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281569
|
- |
|
frontend_uploader_project
|
frontend_uploader
|
Cross-site scripting (XSS) vulnerability in the Frontend Uploader plugin 0.9.2 for WordPress allows remote attackers to inject arbitrary web script or HTML via the errors[fu-disallowed-mime-type][0][…
|
CWE-79
Cross-site Scripting
|
CVE-2014-9444
|
2024-11-21 11:20 |
2015-01-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281570
|
- |
|
relevanssi
|
relevanssi
|
Cross-site scripting (XSS) vulnerability in the Relevanssi plugin before 3.3.8 for WordPress allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2014-9443
|
2024-11-21 11:20 |
2015-01-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
