|
281801
|
- |
|
vbulletin
|
vbulletin
|
Multiple cross-site scripting (XSS) vulnerabilities in vBulletin 5.1.1 Alpha 9 allow remote attackers to inject arbitrary web script or HTML via (1) the PATH_INFO to privatemessage/new/, (2) the fold…
|
CWE-79
Cross-site Scripting
|
CVE-2014-3135
|
2024-11-21 11:07 |
2014-04-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281802
|
- |
|
sap
|
businessobjects
|
Cross-site scripting (XSS) vulnerability in the InfoView application in SAP BusinessObjects allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2014-3134
|
2024-11-21 11:07 |
2014-04-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281803
|
- |
|
sap
|
netweaver_java_application_server
|
SAP Netweaver Java Application Server does not properly restrict access, which allows remote attackers to obtain the list of SAP systems registered on an SLD via an unspecified webdynpro, related to …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-3133
|
2024-11-21 11:07 |
2014-04-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281804
|
- |
|
sap
|
background_processing
|
SAP Background Processing does not properly restrict access, which allows remote authenticated users to obtain sensitive information via an unspecified RFC function, related to SAP Solution Manager 7…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-3132
|
2024-11-21 11:07 |
2014-04-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281805
|
- |
|
sap
|
profile_maintenance
|
SAP Profile Maintenance does not properly restrict access, which allows remote authenticated users to obtain sensitive information via an unspecified RFC function, related to SAP Solution Manager 7.1.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-3131
|
2024-11-21 11:07 |
2014-04-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281806
|
- |
|
sap
|
netweaver_abap_application_server
|
The ABAP Help documentation and translation tools (BC-DOC-HLP) in Basis in SAP Netweaver ABAP Application Server does not properly restrict access, which allows local users to gain privileges and exe…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-3130
|
2024-11-21 11:07 |
2014-04-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281807
|
- |
|
sap
|
netweaver_software_lifecycle_manager
|
The Java Server Pages in the Software Lifecycle Manager (SLM) in SAP NetWeaver allows remote attackers to obtain sensitive information via a crafted request, related to SAP Solution Manager 7.1.
|
CWE-200
Information Exposure
|
CVE-2014-3129
|
2024-11-21 11:07 |
2014-04-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281808
|
- |
|
mediawiki
|
mediawiki
|
Cross-site scripting (XSS) vulnerability in includes/actions/InfoAction.php in MediaWiki before 1.21.9 and 1.22.x before 1.22.6 allows remote attackers to inject arbitrary web script or HTML via the …
|
CWE-79
Cross-site Scripting
|
CVE-2014-2853
|
2024-11-21 11:07 |
2014-04-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281809
|
- |
|
unitrends
|
enterprise_backup
|
Unitrends Enterprise Backup 7.3.0 allows remote authenticated users to execute arbitrary commands via shell metacharacters in the comm parameter to recoveryconsole/bpl/snmpd.php.
|
CWE-78
OS Command
|
CVE-2014-3008
|
2024-11-21 11:07 |
2014-04-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281810
|
- |
|
xen
|
xen
|
The vgic_distr_mmio_write function in the virtual guest interrupt controller (GIC) distributor (arch/arm/vgic.c) in Xen 4.4.x, when running on an ARM system, allows local guest users to cause a denia…
|
CWE-20
Improper Input Validation
|
CVE-2014-2986
|
2024-11-21 11:07 |
2014-04-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
