|
276581
|
- |
|
vbulletin
|
vbulletin
|
Cross-site request forgery (CSRF) vulnerability in the Moderator Control Panel in vBulletin 4.2.2 allows remote attackers to hijack the authentication of administrators for requests that (1) ban a us…
|
CWE-352
Origin Validation Error
|
CVE-2014-9438
|
2024-11-21 11:20 |
2015-01-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276582
|
- |
|
sliding_social_icons_project
|
sliding_social_icons
|
Multiple cross-site request forgery (CSRF) vulnerabilities in the Sliding Social Icons plugin 1.61 for WordPress allow remote attackers to hijack the authentication of administrators for requests tha…
|
CWE-352
Origin Validation Error
|
CVE-2014-9437
|
2024-11-21 11:20 |
2015-01-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276583
|
- |
|
sysaid
|
sysaid
|
Absolute path traversal vulnerability in SysAid On-Premise before 14.4.2 allows remote attackers to read arbitrary files via a \\\\ (four backslashes) in the fileName parameter to getRdsLogFile.
|
CWE-22
Path Traversal
|
CVE-2014-9436
|
2024-11-21 11:20 |
2015-01-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276584
|
- |
|
absolutengine
|
absolut_engine
|
Multiple SQL injection vulnerabilities in Absolut Engine 1.73 allow remote authenticated users to execute arbitrary SQL commands via the (1) sectionID parameter to admin/managersection.php, (2) userI…
|
CWE-89
SQL Injection
|
CVE-2014-9435
|
2024-11-21 11:20 |
2015-01-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276585
|
- |
|
absolutengine
|
absolut_engine
|
Cross-site scripting (XSS) vulnerability in admin/managerrelated.php in the administrative backend in Absolut Engine 1.73 allows remote authenticated users to inject arbitrary web script or HTML via …
|
CWE-79
Cross-site Scripting
|
CVE-2014-9434
|
2024-11-21 11:20 |
2015-01-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276586
|
- |
|
contenido
|
contendio
|
Multiple cross-site scripting (XSS) vulnerabilities in cms/front_content.php in Contenido before 4.9.6, when advanced mod rewrite (AMR) is disabled, allow remote attackers to inject arbitrary web scr…
|
CWE-79
Cross-site Scripting
|
CVE-2014-9433
|
2024-11-21 11:20 |
2015-01-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276587
|
- |
|
s9y
|
serendipity
|
Multiple cross-site scripting (XSS) vulnerabilities in templates/2k11/admin/overview.inc.tpl in Serendipity before 2.0-rc2 allow remote attackers to inject arbitrary web script or HTML via a blog com…
|
CWE-79
Cross-site Scripting
|
CVE-2014-9432
|
2024-11-21 11:20 |
2015-01-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276588
|
- |
|
smoothwall
|
smoothwall
|
Multiple cross-site request forgery (CSRF) vulnerabilities in Smoothwall Express 3.1 and 3.0 SP3 allow remote attackers to hijack the authentication of administrators for requests that change the (1)…
|
CWE-352
Origin Validation Error
|
CVE-2014-9431
|
2024-11-21 11:20 |
2015-01-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276589
|
- |
|
smoothwall
|
smoothwall
|
Cross-site scripting (XSS) vulnerability in httpd/cgi-bin/vpn.cgi/vpnconfig.dat in Smoothwall Express 3.0 SP3 allows remote attackers to inject arbitrary web script or HTML via the COMMENT parameter …
|
CWE-79
Cross-site Scripting
|
CVE-2014-9430
|
2024-11-21 11:20 |
2015-01-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276590
|
- |
|
smoothwall
|
smoothwall
|
Multiple cross-site scripting (XSS) vulnerabilities in Smoothwall Express 3.1 and 3.0 SP3 allow remote attackers to inject arbitrary web script or HTML via the (1) PROFILENAME parameter in a Save act…
|
CWE-79
Cross-site Scripting
|
CVE-2014-9429
|
2024-11-21 11:20 |
2015-01-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
