|
278251
|
- |
|
horde
|
internet_mail_program
groupware
|
Multiple cross-site scripting (XSS) vulnerabilities in Horde Internet Mail Program (IMP) before 6.1.8, as used in Horde Groupware Webmail Edition before 5.1.5, allow remote attackers to inject arbitr…
|
CWE-79
Cross-site Scripting
|
CVE-2014-4946
|
2024-11-21 11:11 |
2014-07-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278252
|
- |
|
horde
|
internet_mail_program
groupware
|
Multiple cross-site scripting (XSS) vulnerabilities in Horde Internet Mail Program (IMP) before 6.1.8, as used in Horde Groupware Webmail Edition before 5.1.5, allow remote attackers to inject arbitr…
|
CWE-79
Cross-site Scripting
|
CVE-2014-4945
|
2024-11-21 11:11 |
2014-07-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278253
|
- |
|
bannersky
|
bsk_pdf_manager
|
Multiple SQL injection vulnerabilities in inc/bsk-pdf-dashboard.php in the BSK PDF Manager plugin 1.3.2 for WordPress allow remote authenticated users to execute arbitrary SQL commands via the (1) ca…
|
CWE-89
SQL Injection
|
CVE-2014-4944
|
2024-11-21 11:11 |
2014-07-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278254
|
- |
|
levelfourdevelopment
|
wp-easycart
|
The EasyCart (wp-easycart) plugin before 2.0.6 for WordPress allows remote attackers to obtain configuration information via a direct request to inc/admin/phpinfo.php, which calls the phpinfo functio…
|
CWE-200
Information Exposure
|
CVE-2014-4942
|
2024-11-21 11:11 |
2014-07-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278255
|
- |
|
cross-rss_plugin_project
|
wp-cross-rss
|
Absolute path traversal vulnerability in Cross-RSS (wp-cross-rss) plugin 1.7 for WordPress allows remote attackers to read arbitrary files via a full pathname in the rss parameter to proxy.php.
|
CWE-22
Path Traversal
|
CVE-2014-4941
|
2024-11-21 11:11 |
2014-07-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278256
|
- |
|
tera_charts_plugin_project
|
tera-charts
|
Multiple directory traversal vulnerabilities in Tera Charts (tera-charts) plugin 0.1 for WordPress allow remote attackers to read arbitrary files via a .. (dot dot) in the fn parameter to (1) charts/…
|
CWE-22
Path Traversal
|
CVE-2014-4940
|
2024-11-21 11:11 |
2014-07-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278257
|
- |
|
enl_newsletter_plugin_project
|
enl-newsletter
|
SQL injection vulnerability in the ENL Newsletter (enl-newsletter) plugin 1.0.1 for WordPress allows remote authenticated administrators to execute arbitrary SQL commands via the id parameter in the …
|
CWE-89
SQL Injection
|
CVE-2014-4939
|
2024-11-21 11:11 |
2014-07-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278258
|
- |
|
wp_rss_poster_plugin_project
|
wp-rss-poster
|
SQL injection vulnerability in the WP Rss Poster (wp-rss-poster) plugin 1.0.0 for WordPress allows remote attackers to execute arbitrary SQL commands via the id parameter in the wrp-add-new page to w…
|
CWE-89
SQL Injection
|
CVE-2014-4938
|
2024-11-21 11:11 |
2014-07-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278259
|
- |
|
bookx_plugin_project
|
bookx
|
Directory traversal vulnerability in includes/bookx_export.php BookX plugin 1.7 for WordPress allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter.
|
CWE-22
Path Traversal
|
CVE-2014-4937
|
2024-11-21 11:11 |
2014-07-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278260
|
- |
|
pnp4nagios
|
pnp4nagios
|
Multiple cross-site scripting (XSS) vulnerabilities in PNP4Nagios through 0.6.22 allow remote attackers to inject arbitrary web script or HTML via the URI used for reaching (1) share/pnp/application/…
|
CWE-79
Cross-site Scripting
|
CVE-2014-4908
|
2024-11-21 11:11 |
2014-07-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
