|
276701
|
- |
|
imember360
|
imember360
|
Cross-site request forgery (CSRF) vulnerability in the iMember360 plugin 3.8.012 through 3.9.001 for WordPress allows remote attackers to hijack the authentication of administrators for requests that…
|
CWE-352
Origin Validation Error
|
CVE-2014-8948
|
2024-11-21 11:19 |
2014-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276702
|
- |
|
uninett
oracle
|
mod_auth_mellon
linux
|
The mod_auth_mellon module before 0.8.1 allows remote attackers to obtain sensitive information or cause a denial of service (segmentation fault) via unspecified vectors related to a "session overflo…
|
CWE-200
Information Exposure
|
CVE-2014-8566
|
2024-11-21 11:19 |
2014-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276703
|
- |
|
uninett
redhat
|
mod_auth_mellon
enterprise_linux_server_aus
enterprise_linux_desktop
enterprise_linux_server
enterprise_linux_workstation
enterprise_linux_server_tus
enterprise_linux_server_eus
|
The mod_auth_mellon module before 0.8.1 allows remote attackers to cause a denial of service (Apache HTTP server crash) via a crafted logout request that triggers a read of uninitialized data.
|
CWE-399
Resource Management Errors
|
CVE-2014-8567
|
2024-11-21 11:19 |
2014-11-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276704
|
- |
|
magmi_project
|
magmi
|
Unrestricted file upload vulnerability in magmi/web/magmi.php in the MAGMI (aka Magento Mass Importer) plugin 0.7.17a and earlier for Magento Community Edition (CE) allows remote authenticated users …
|
CWE-94
Code Injection
|
CVE-2014-8770
|
2024-11-21 11:19 |
2014-11-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276705
|
- |
|
gnu
redhat
opensuse
canonical
|
gnutls
enterprise_linux_desktop
enterprise_linux_workstation
enterprise_linux_server
enterprise_linux_hpc_node
opensuse
ubuntu_linux
|
The _gnutls_ecc_ansi_x963_export function in gnutls_ecc.c in GnuTLS 3.x before 3.1.28, 3.2.x before 3.2.20, and 3.3.x before 3.3.10 allows remote attackers to cause a denial of service (out-of-bounds…
|
CWE-310
Cryptographic Issues
|
CVE-2014-8564
|
2024-11-21 11:19 |
2014-11-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276706
|
- |
|
jexperts
|
channel_platform
|
Multiple cross-site scripting (XSS) vulnerabilities in JExperts Channel Platform 5.0.33_CCB allow remote attackers to inject arbitrary web script or HTML via the (1) usuario.nome variable in an edita…
|
CWE-79
Cross-site Scripting
|
CVE-2014-8557
|
2024-11-21 11:19 |
2014-11-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276707
|
- |
|
mantisbt
|
mantisbt
|
SQL injection vulnerability in the mc_project_get_attachments function in api/soap/mc_project_api.php in MantisBT before 1.2.18 allows remote attackers to execute arbitrary SQL commands via the proje…
|
CWE-89
SQL Injection
|
CVE-2014-8554
|
2024-11-21 11:19 |
2014-11-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276708
|
- |
|
freebsd
|
freebsd
|
The setlogin function in FreeBSD 8.4 through 10.1-RC4 does not initialize the buffer used to store the login name, which allows local users to obtain sensitive information from kernel memory via a ca…
|
CWE-200
Information Exposure
|
CVE-2014-8476
|
2024-11-21 11:19 |
2014-11-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276709
|
- |
|
open_atrium_project
|
open_atrium
|
The Open Atrium Core module for Drupal before 7.x-2.22 allows remote attackers to bypass access restrictions and read file attachments that have been removed from a node by leveraging a previous revi…
|
CWE-200
Information Exposure
|
CVE-2014-8736
|
2024-11-21 11:19 |
2014-11-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276710
|
- |
|
bad_behavior_project
|
bad_behavior
|
The Bad Behavior module 6.x-2.x before 6.x-2.2216 and 7.x-2.x before 7.x-2.2216 for Drupal logs usernames and passwords, which allows remote authenticated users with the "administer bad behavior" per…
|
CWE-200
Information Exposure
|
CVE-2014-8735
|
2024-11-21 11:19 |
2014-11-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
