|
277411
|
- |
|
7-eleven
|
7-eleven
|
The 7-ELEVEN (aka ecowork.seven) application 2.08.000 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive i…
|
CWE-310
Cryptographic Issues
|
CVE-2014-5883
|
2024-11-21 11:13 |
2014-09-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277412
|
- |
|
applica
|
homoo_ijiri
|
The Homoo Ijiri (aka jp.co.applica) application 3.7 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive inf…
|
CWE-310
Cryptographic Issues
|
CVE-2014-5882
|
2024-11-21 11:13 |
2014-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277413
|
- |
|
yahoo
|
yahoo_ybox
|
The Yahoo! Japan Box (aka jp.co.yahoo.android.ybox) application 1.5.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and ob…
|
CWE-310
Cryptographic Issues
|
CVE-2014-5881
|
2024-11-21 11:13 |
2014-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277414
|
- |
|
tvguide_project
|
tvguide
|
The tvguide (aka kenneth.tvguide) application 1.9.14 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive in…
|
CWE-310
Cryptographic Issues
|
CVE-2014-5879
|
2024-11-21 11:13 |
2014-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277415
|
- |
|
zohocorp
|
manageengine_eventlog_analyzer
|
ZOHO ManageEngine EventLog Analyzer 9.0 build 9002 and 8.2 build 8020 does not properly restrict access to the database browser, which allows remote authenticated users to obtain access to the databa…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-6043
|
2024-11-21 11:13 |
2014-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277416
|
- |
|
flat_manager_project
|
flat_manager
|
SQL injection vulnerability in the Flat Manager (flatmgr) extension before 2.7.10 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
|
CWE-89
SQL Injection
|
CVE-2014-6233
|
2024-11-21 11:13 |
2014-09-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277417
|
- |
|
ldap_project
|
ldap
|
Unspecified vulnerability in the LDAP (eu_ldap) extension before 2.8.18 for TYPO3 allows remote authenticated users to obtain sensitive information via unknown vectors.
|
NVD-CWE-noinfo
|
CVE-2014-6232
|
2024-11-21 11:13 |
2014-09-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277418
|
- |
|
cwt_frontend_edit_project
|
cwt_frontend_edit
|
Unspecified vulnerability in the CWT Frontend Edit (cwt_feedit) extension before 1.2.5 for TYPO3 allows remote authenticated users to execute arbitrary code via unknown vectors.
|
NVD-CWE-noinfo
|
CVE-2014-6231
|
2024-11-21 11:13 |
2014-09-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277419
|
- |
|
adiscon
|
loganalyzer
|
Multiple cross-site scripting (XSS) vulnerabilities in Adiscon LogAnalyzer before 3.6.6 allow remote attackers to inject arbitrary web script or HTML via the hostname in (1) index.php or (2) detail.p…
|
CWE-79
Cross-site Scripting
|
CVE-2014-6070
|
2024-11-21 11:13 |
2014-09-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277420
|
- |
|
i-um
|
ium
|
The ium (aka net.ium.mobile.android) application 3.3.4 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive …
|
CWE-310
Cryptographic Issues
|
CVE-2014-5878
|
2024-11-21 11:13 |
2014-09-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
