|
287801
|
- |
|
hp
|
hp_h-series_fibre_channel_switch_firmware
8\/20q_fibre_channel_switch_16_port
8\/20q_fibre_channel_switch_8_port
8gb_simple_san_connection_kit
sn6000_stackable_8gb_12-port_single_power_fi…
|
Unspecified vulnerability on HP 8/20q switches, SN6000 switches, and 8Gb Simple SAN Connection Kit with firmware before 8.0.14.08.00 allows remote authenticated users to obtain sensitive information …
|
NVD-CWE-noinfo
|
CVE-2014-2603
|
2024-11-21 11:06 |
2014-05-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287802
|
- |
|
slashes\&dots
|
offria
|
Cross-site scripting (XSS) vulnerability in Offiria 2.1.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to installer/index.php.
|
CWE-79
Cross-site Scripting
|
CVE-2014-2689
|
2024-11-21 11:06 |
2014-05-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287803
|
- |
|
hp
|
oneview
|
Unspecified vulnerability in HP OneView 1.0 and 1.01 allows remote authenticated users to gain privileges via unknown vectors.
|
NVD-CWE-noinfo
|
CVE-2014-2602
|
2024-11-21 11:06 |
2014-05-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287804
|
- |
|
skyphe
|
file-gallery
|
The File Gallery plugin before 1.7.9.2 for WordPress does not properly escape strings, which allows remote administrators to execute arbitrary PHP code via a \' (backslash quote) in the setting field…
|
CWE-94
Code Injection
|
CVE-2014-2558
|
2024-11-21 11:06 |
2014-05-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287805
|
- |
|
amtelco
|
misecuremessages
|
Amtelco miSecureMessages (aka MSM) 6.2 does not properly manage sessions, which allows remote authenticated users to obtain sensitive information via a modified message request.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-2347
|
2024-11-21 11:06 |
2014-05-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287806
|
- |
|
dynamixsolutions
|
arabic_prawn
|
lib/string_utf_support.rb in the Arabic Prawn 0.0.1 gem for Ruby allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) downloaded_file or (2) url variable.
|
NVD-CWE-Other
|
CVE-2014-2322
|
2024-11-21 11:06 |
2014-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287807
|
- |
|
bluecoat
|
content_analysis_system_software
content_analysis_system
|
The commandline interface in Blue Coat Content Analysis System (CAS) 1.1 before 1.1.4.2 allows remote administrators to execute arbitrary commands via unspecified vectors, related to "command injecti…
|
CWE-78
OS Command
|
CVE-2014-2565
|
2024-11-21 11:06 |
2014-04-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287808
|
- |
|
tibco
|
slingshot
vault
managed_file_transfer_command_center
managed_file_transfer_internet_server
|
TIBCO Managed File Transfer Internet Server before 7.2.2, Managed File Transfer Command Center before 7.2.2, Slingshot before 1.9.1, and Vault before 1.0.1 allow remote attackers to obtain sensitive …
|
CWE-200
Information Exposure
|
CVE-2014-2545
|
2024-11-21 11:06 |
2014-04-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287809
|
- |
|
videowhisper
|
videowhisper
|
Multiple cross-site scripting (XSS) vulnerabilities in vwrooms\templates\logout.tpl.php in the VideoWhisper Webcam plugins for Drupal 7.x allow remote attackers to inject arbitrary web script or HTML…
|
CWE-79
Cross-site Scripting
|
CVE-2014-2715
|
2024-11-21 11:06 |
2014-04-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287810
|
- |
|
papercut
|
papercut_ng
papercut_mf
|
Unspecified vulnerability in Papercut MF and NG before 14.1 (Build 26983) allows attacker to cause a denial of service via unknown vectors.
|
NVD-CWE-noinfo
|
CVE-2014-2658
|
2024-11-21 11:06 |
2014-04-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
