|
277671
|
- |
|
logintoboggan_project
|
logintoboggan
|
Cross-site scripting (XSS) vulnerability in the Unified Login form in the LoginToboggan module 7.x-1.x before 7.x-1.4 for Drupal allows remote attackers to inject arbitrary web script or HTML via uns…
|
CWE-79
Cross-site Scripting
|
CVE-2014-9364
|
2024-11-21 11:20 |
2014-12-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277672
|
- |
|
meta_tags_quick_project
|
meta_tags_quick
|
Open redirect vulnerability in the path-based meta tag editing form in the Meta tags quick module 7.x-2.x before 7.x-2.8 for Drupal allows remote authenticated users to redirect users to arbitrary we…
|
NVD-CWE-Other
|
CVE-2014-9363
|
2024-11-21 11:20 |
2014-12-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277673
|
- |
|
meta_tags_quick_project
|
meta_tags_quick
|
Cross-site scripting (XSS) vulnerability in the path-based meta tag editing form in the Meta tags quick module 7.x-2.x before 7.x-2.8 for Drupal allows remote authenticated users with the "Edit path …
|
CWE-79
Cross-site Scripting
|
CVE-2014-9362
|
2024-11-21 11:20 |
2014-12-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277674
|
- |
|
logintoboggan_project
|
logintoboggan
|
The LoginToboggan module 7.x-1.x before 7.x-1.4 for Drupal does not properly unset the authorized user role for certain users, which allows remote attackers with the pre-authorized role to gain privi…
|
CWE-200
Information Exposure
|
CVE-2014-9361
|
2024-11-21 11:20 |
2014-12-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277675
|
- |
|
scalix
|
web_access
|
XML external entity (XXE) vulnerability in Scalix Web Access 11.4.6.12377 and 12.2.0.14697 allows remote attackers to read arbitrary files and trigger requests to intranet servers via a crafted reque…
|
NVD-CWE-Other
|
CVE-2014-9360
|
2024-11-21 11:20 |
2014-12-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277676
|
- |
|
intelliants
|
subrion
|
Cross-site scripting (XSS) vulnerability in Subrion CMS before 3.2.3 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to subrion/search/.
|
CWE-79
Cross-site Scripting
|
CVE-2014-9120
|
2024-11-21 11:20 |
2014-12-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277677
|
- |
|
icecast
|
icecast
|
Icecast before 2.4.0 does not change the supplementary group privileges when <changeowner> is configured, which allows local users to gain privileges via unspecified vectors.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-9091
|
2024-11-21 11:20 |
2014-12-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277678
|
- |
|
scalix
|
web_access
|
Cross-site scripting (XSS) vulnerability in the mail administration login panel in Scalix Web Access 11.4.6.12377 allows remote attackers to inject arbitrary web script or HTML via unspecified vector…
|
CWE-79
Cross-site Scripting
|
CVE-2014-9352
|
2024-11-21 11:20 |
2014-12-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277679
|
- |
|
teeworlds
|
teeworlds
|
engine/server/server.cpp in Teeworlds 0.6.x before 0.6.3 allows remote attackers to read memory and cause a denial of service (crash) via unspecified vectors.
|
CWE-20
Improper Input Validation
|
CVE-2014-9351
|
2024-11-21 11:20 |
2014-12-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277680
|
- |
|
ffmpeg
|
ffmpeg
|
The ff_hevc_decode_nal_sps function in libavcodec/hevc_ps.c in FFMpeg before 2.1.6, 2.2.x through 2.3.x, and 2.4.x before 2.4.4 allows remote attackers to cause a denial of service (out-of-bounds acc…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-9319
|
2024-11-21 11:20 |
2014-12-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
