|
276601
|
- |
|
pictobrowser_project
|
pictobrowser
|
Cross-site request forgery (CSRF) vulnerability in the PictoBrowser (pictobrowser-gallery) plugin 0.3.1 and earlier for WordPress allows remote attackers to hijack the authentication of administrator…
|
CWE-352
Origin Validation Error
|
CVE-2014-9392
|
2024-11-21 11:20 |
2015-01-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276602
|
- |
|
gslideshow_project
|
gslideshow
|
Multiple cross-site request forgery (CSRF) vulnerabilities in the gSlideShow plugin 0.1 and earlier for WordPress allow remote attackers to hijack the authentication of administrators for requests th…
|
CWE-352
Origin Validation Error
|
CVE-2014-9391
|
2024-11-21 11:20 |
2015-01-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276603
|
- |
|
twiki
|
twiki
|
Incomplete blacklist vulnerability in the urlEncode function in lib/TWiki.pm in TWiki 6.0.0 and 6.0.1 allows remote attackers to conduct cross-site scripting (XSS) attacks via a "'" (single quote) in…
|
CWE-79
Cross-site Scripting
|
CVE-2014-9367
|
2024-11-21 11:20 |
2015-01-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276604
|
- |
|
twiki
|
twiki
|
Multiple cross-site scripting (XSS) vulnerabilities in TWiki 6.0.1 allow remote attackers to inject arbitrary web script or HTML via the (1) QUERYSTRING variable in lib/TWiki.pm or (2) QUERYPARAMSTRI…
|
CWE-79
Cross-site Scripting
|
CVE-2014-9325
|
2024-11-21 11:20 |
2015-01-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276605
|
- |
|
minibb
|
minibb
|
bb_func_unsub.php in MiniBB 3.1 before 20141127 uses an incorrect regular expression, which allows remote attackers to conduct SQl injection attacks via the code parameter in an unsubscribe action to…
|
CWE-89
SQL Injection
|
CVE-2014-9254
|
2024-11-21 11:20 |
2015-01-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276606
|
- |
|
php
|
php
|
The apprentice_load function in libmagic/apprentice.c in the Fileinfo component in PHP through 5.6.4 attempts to perform a free operation on a stack-based character array, which allows remote attacke…
|
CWE-17
Code
|
CVE-2014-9426
|
2024-11-21 11:20 |
2014-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276607
|
- |
|
php
apple
|
php
mac_os_x
|
Double free vulnerability in the zend_ts_hash_graceful_destroy function in zend_ts_hash.c in the Zend Engine in PHP through 5.5.20 and 5.6.x through 5.6.4 allows remote attackers to cause a denial of…
|
NVD-CWE-Other
|
CVE-2014-9425
|
2024-11-21 11:20 |
2014-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276608
|
- |
|
openbsd
|
libressl
|
Double free vulnerability in the ssl_parse_clienthello_use_srtp_ext function in d1_srtp.c in LibreSSL before 2.1.2 allows remote attackers to cause a denial of service or possibly have unspecified ot…
|
NVD-CWE-Other
|
CVE-2014-9424
|
2024-11-21 11:20 |
2014-12-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276609
|
- |
|
schneider_electric
|
proclima
|
Buffer overflow in an ActiveX control in MDraw30.ocx in Schneider Electric ProClima before 6.1.7 allows remote attackers to execute arbitrary code via unspecified vectors, a different vulnerability t…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-9188
|
2024-11-21 11:20 |
2014-12-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276610
|
- |
|
linux
|
linux_kernel
|
The rock_continue function in fs/isofs/rock.c in the Linux kernel through 3.18.1 does not restrict the number of Rock Ridge continuation entries, which allows local users to cause a denial of service…
|
CWE-399
Resource Management Errors
|
CVE-2014-9420
|
2024-11-21 11:20 |
2014-12-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
