|
276641
|
- |
|
wpcommenttwit_project
|
wpcommenttwit
|
Multiple cross-site request forgery (CSRF) vulnerabilities in the wpCommentTwit plugin 0.5 and earlier for WordPress allow remote attackers to hijack the authentication of administrators for requests…
|
CWE-352
Origin Validation Error
|
CVE-2014-9340
|
2024-11-21 11:20 |
2014-12-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276642
|
- |
|
jayde_online
|
spnbabble
|
Multiple cross-site request forgery (CSRF) vulnerabilities in the SPNbabble plugin 1.4.1 and earlier for WordPress allow remote attackers to hijack the authentication of administrators for requests t…
|
CWE-352
Origin Validation Error
|
CVE-2014-9339
|
2024-11-21 11:20 |
2014-12-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276643
|
- |
|
o2tweet_project
|
o2tweet
|
Multiple cross-site request forgery (CSRF) vulnerabilities in the O2Tweet plugin 0.0.4 and earlier for WordPress allow remote attackers to hijack the authentication of administrators for requests tha…
|
CWE-352
Origin Validation Error
|
CVE-2014-9338
|
2024-11-21 11:20 |
2014-12-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276644
|
- |
|
mikiurl_wordpress_eklentisi_project
|
mikiurl_wordpress_eklentisi
|
Multiple cross-site request forgery (CSRF) vulnerabilities in the Mikiurl Wordpress Eklentisi plugin 2.0 and earlier for WordPress allow remote attackers to hijack the authentication of administrator…
|
CWE-352
Origin Validation Error
|
CVE-2014-9337
|
2024-11-21 11:20 |
2014-12-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276645
|
- |
|
itwitter_project
|
itwitter
|
Multiple cross-site request forgery (CSRF) vulnerabilities in the iTwitter plugin 0.04 and earlier for WordPress allow remote attackers to hijack the authentication of administrators for requests tha…
|
CWE-352
Origin Validation Error
|
CVE-2014-9336
|
2024-11-21 11:20 |
2014-12-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276646
|
- |
|
dandyid_services_project
|
dandyid_services
|
Multiple cross-site request forgery (CSRF) vulnerabilities in the DandyID Services plugin 1.5.9 and earlier for WordPress allow remote attackers to hijack the authentication of administrators for req…
|
CWE-352
Origin Validation Error
|
CVE-2014-9335
|
2024-11-21 11:20 |
2014-12-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276647
|
- |
|
otrs
|
otrs_help_desk
|
The GenericInterface in OTRS Help Desk 3.2.x before 3.2.17, 3.3.x before 3.3.11, and 4.0.x before 4.0.3 allows remote authenticated users to access and modify arbitrary tickets via unspecified vector…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-9324
|
2024-11-21 11:20 |
2014-12-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276648
|
- |
|
glpi-project
|
glpi
|
SQL injection vulnerability in ajax/getDropdownValue.php in GLPI before 0.85.1 allows remote authenticated users to execute arbitrary SQL commands via the condition parameter.
|
CWE-89
SQL Injection
|
CVE-2014-9258
|
2024-11-21 11:20 |
2014-12-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276649
|
- |
|
morfy_cms_project
|
morfy_cms
|
Static code injection vulnerability in install.php in Morfy CMS 1.05 allows remote authenticated users to inject arbitrary PHP code into config.php via the site_url parameter.
|
CWE-94
Code Injection
|
CVE-2014-9185
|
2024-11-21 11:20 |
2014-12-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276650
|
- |
|
huawei
|
p7-l10_firmware
|
The PackageInstaller module in Huawei P7-L10 smartphones before V100R001C00B136 allows remote attackers to spoof the origin website and bypass the website whitelist protection mechanism via a crafted…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-9135
|
2024-11-21 11:20 |
2014-12-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
