|
282111
|
8.8 |
HIGH
Network
|
disable_comments
|
disable_comments_project
|
Cross-site request forgery (CSRF) vulnerability in the Disable Comments plugin before 1.0.4 for WordPress allows remote attackers to hijack the authentication of administrators for requests that enab…
|
CWE-352
Origin Validation Error
|
CVE-2014-2550
|
2024-11-21 11:06 |
2018-03-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282112
|
6.1 |
MEDIUM
Network
|
videowhisper
|
videowhisper_live_streaming_integration
|
Multiple cross-site scripting (XSS) vulnerabilities in the VideoWhisper Live Streaming Integration plugin 4.29.6 for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1…
|
CWE-79
Cross-site Scripting
|
CVE-2014-2297
|
2024-11-21 11:06 |
2018-03-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282113
|
9.8 |
CRITICAL
Network
|
arubanetworks
|
web_management_portal
|
Unrestricted file upload vulnerability in Aruba Web Management portal allows remote attackers to execute arbitrary code by uploading a file with an executable extension.
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2014-2592
|
2024-11-21 11:06 |
2018-03-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282114
|
8.8 |
HIGH
Network
|
x2engine
|
x2crm
|
Unrestricted file upload vulnerability in the ProfileController::actionUploadPhoto method in protected/controllers/ProfileController.php in X2Engine X2CRM before 4.0 allows remote attackers to execut…
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2014-2664
|
2024-11-21 11:06 |
2017-10-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282115
|
6.1 |
MEDIUM
Network
|
oliver_project
|
oliver
|
Multiple cross-site scripting (XSS) vulnerabilities in Oliver (formerly Webshare) 1.3.1 and earlier allow remote attackers to inject arbitrary web script or HTML via the PATH_INFO to the (1) login pa…
|
CWE-79
Cross-site Scripting
|
CVE-2014-2710
|
2024-11-21 11:06 |
2017-04-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282116
|
- |
|
php_font_lib_project
|
php_font_lib
|
Cross-site scripting (XSS) vulnerability in www/make_subset.php in PHP Font Lib before 0.3.1 allows remote attackers to inject arbitrary web script or HTML via the name parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2014-2570
|
2024-11-21 11:06 |
2015-09-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282117
|
- |
|
check_mk_project
|
check_mk
|
Check_MK before 1.2.2p3 and 1.2.3x before 1.2.3i5 allows remote authenticated users to delete arbitrary files via a request to an unspecified link, related to "Insecure Direct Object References." NOT…
|
CWE-20
Improper Input Validation
|
CVE-2014-2332
|
2024-11-21 11:06 |
2015-09-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282118
|
- |
|
check_mk_project
|
check_mk
|
Check_MK 1.2.2p2, 1.2.2p3, and 1.2.3i5 allows remote authenticated users to execute arbitrary Python code via a crafted rules.mk file in a snapshot. NOTE: this can be exploited by remote attackers b…
|
CWE-94
Code Injection
|
CVE-2014-2331
|
2024-11-21 11:06 |
2015-09-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282119
|
- |
|
check_mk_project
|
check_mk
|
Multiple cross-site request forgery (CSRF) vulnerabilities in the Multisite GUI in Check_MK before 1.2.5i2 allow remote attackers to hijack the authentication of users for requests that (1) upload ar…
|
CWE-352
Origin Validation Error
|
CVE-2014-2330
|
2024-11-21 11:06 |
2015-09-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282120
|
- |
|
check_mk_project
|
check_mk
|
Multiple cross-site scripting (XSS) vulnerabilities in Check_MK before 1.2.2p3 and 1.2.3x before 1.2.3i5 allow remote authenticated users to inject arbitrary web script or HTML via the (1) agent stri…
|
CWE-79
Cross-site Scripting
|
CVE-2014-2329
|
2024-11-21 11:06 |
2015-09-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
