|
277141
|
- |
|
xcloner
|
xcloner
|
The XCloner plugin 3.1.1 for WordPress and 3.5.1 for Joomla! returns the MySQL password in cleartext to a text box in the configuration panel, which allows remote attackers to obtain sensitive inform…
|
CWE-200
Information Exposure
|
CVE-2014-8604
|
2024-11-21 11:19 |
2015-06-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277142
|
- |
|
xcloner
|
xcloner
|
cloner.functions.php in the XCloner plugin 3.1.1 for WordPress and 3.5.1 for Joomla! allows remote administrators to execute arbitrary code via shell metacharacters in the (1) file name when creating…
|
CWE-20
Improper Input Validation
|
CVE-2014-8603
|
2024-11-21 11:19 |
2015-06-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277143
|
- |
|
ibm
|
marketing_operations
|
IBM Marketing Operations 7.x and 8.x before 8.5.0.7.2, 8.6.x before 8.6.0.8, 9.0.x before 9.0.0.4.1, 9.1.0.x before 9.1.0.5, and 9.1.1.x before 9.1.1.2 allows remote authenticated users to upload arb…
|
CWE-20
Improper Input Validation
|
CVE-2014-8887
|
2024-11-21 11:19 |
2015-06-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277144
|
- |
|
sendio
|
sendio
|
The Web interface in Sendio before 7.2.4 does not properly handle sessions, which allows remote authenticated users to obtain sensitive information from other users' sessions via a large number of re…
|
CWE-200
Information Exposure
|
CVE-2014-8391
|
2024-11-21 11:19 |
2015-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277145
|
- |
|
ibm
|
tivoli_asset_discovery_for_distributed
license_metric_tool
endpoint_manager_family
|
Common Inventory Technology (CIT) before 2.7.0.2050 in IBM License Metric Tool 7.2.2, 7.5, and 9; Endpoint Manger for Software Use Analysis 9; and Tivoli Asset Discovery for Distributed 7.2.2 and 7.5…
|
CWE-399
Resource Management Errors
|
CVE-2014-8927
|
2024-11-21 11:19 |
2015-05-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277146
|
- |
|
ibm
|
tivoli_asset_discovery_for_distributed
license_metric_tool
endpoint_manager_family
|
Common Inventory Technology (CIT) before 2.7.0.2050 in IBM License Metric Tool 7.2.2, 7.5, and 9; Endpoint Manger for Software Use Analysis 9; and Tivoli Asset Discovery for Distributed 7.2.2 and 7.5…
|
CWE-399
Resource Management Errors
|
CVE-2014-8926
|
2024-11-21 11:19 |
2015-05-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277147
|
- |
|
ibm
|
license_metric_tool
tivoli_asset_discovery_for_distributed
|
The server in IBM License Metric Tool 7.2.2 before IF15 and 7.5 before IF24 and Tivoli Asset Discovery for Distributed 7.2.2 before IF15 and 7.5 before IF24 allows remote attackers to read arbitrary …
|
NVD-CWE-Other
|
CVE-2014-8924
|
2024-11-21 11:19 |
2015-05-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277148
|
- |
|
fortinet
|
fortiweb
|
Cross-site scripting (XSS) vulnerability in the autolearn configuration page in Fortinet FortiWeb 5.1.2 through 5.3.4 allows remote attackers to inject arbitrary web script or HTML via unspecified ve…
|
CWE-79
Cross-site Scripting
|
CVE-2014-8619
|
2024-11-21 11:19 |
2015-05-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277149
|
- |
|
fortinet
|
fortiadc_firmware
fortiadc-1500d
fortiadc-2000d
fortiadc-200d
fortiadc-4000d
fortiadc-700d
|
Cross-site scripting (XSS) vulnerability in the theme login page in Fortinet FortiADC D models before 4.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2014-8618
|
2024-11-21 11:19 |
2015-05-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277150
|
- |
|
fortinet
|
fortios
|
Multiple cross-site scripting (XSS) vulnerabilities in Fortinet FortiOS 5.2.x before 5.2.3 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors to the (1) user group …
|
CWE-79
Cross-site Scripting
|
CVE-2014-8616
|
2024-11-21 11:19 |
2015-05-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
