|
278161
|
- |
|
sphider
|
sphider
|
Static code injection vulnerability in admin/admin.php in Sphider 1.3.6 allows remote authenticated users to inject arbitrary PHP code into settings/conf.php via the _word_upper_bound parameter.
|
CWE-94
Code Injection
|
CVE-2014-5194
|
2024-11-21 11:11 |
2014-08-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278162
|
- |
|
sphider
|
sphider
|
Cross-site scripting (XSS) vulnerability in admin/admin.php in Sphider 1.3.6 allows remote attackers to inject arbitrary web script or HTML via the category parameter. NOTE: the url parameter vector…
|
CWE-79
Cross-site Scripting
|
CVE-2014-5193
|
2024-11-21 11:11 |
2014-08-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278163
|
- |
|
sphider
|
sphider
|
SQL injection vulnerability in admin/admin.php in Sphider 1.3.6 allows remote attackers to execute arbitrary SQL commands via the filter parameter.
|
CWE-89
SQL Injection
|
CVE-2014-5192
|
2024-11-21 11:11 |
2014-08-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278164
|
- |
|
ckeditor
|
ckeditor
|
Cross-site scripting (XSS) vulnerability in the Preview plugin before 4.4.3 in CKEditor allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2014-5191
|
2024-11-21 11:11 |
2014-08-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278165
|
- |
|
si_captcha_anti-spam_project
|
si_captcha_anti-spam
|
Cross-site scripting (XSS) vulnerability in captcha-secureimage/test/index.php in the SI CAPTCHA Anti-Spam plugin 2.7.4 for WordPress allows remote attackers to inject arbitrary web script or HTML vi…
|
CWE-79
Cross-site Scripting
|
CVE-2014-5190
|
2024-11-21 11:11 |
2014-08-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278166
|
- |
|
leadoctopus
|
lead_octopus
|
SQL injection vulnerability in lib/optin/optin_page.php in the Lead Octopus plugin for WordPress allows remote attackers to execute arbitrary SQL commands via the id parameter.
|
CWE-89
SQL Injection
|
CVE-2014-5189
|
2024-11-21 11:11 |
2014-08-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278167
|
- |
|
lyris
|
list_manager
|
Cross-site scripting (XSS) vulnerability in doemailpassword.tml in Lyris ListManager (LM) 8.95a allows remote attackers to inject arbitrary web script or HTML via the EmailAddr parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2014-5188
|
2024-11-21 11:11 |
2014-08-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278168
|
- |
|
tom_m8te_plugin_project
|
tom-m8te_plugin
|
Directory traversal vulnerability in the Tom M8te (tom-m8te) plugin 1.5.3 for WordPress allows remote attackers to read arbitrary files via the file parameter to tom-download-file.php.
|
CWE-22
Path Traversal
|
CVE-2014-5187
|
2024-11-21 11:11 |
2014-08-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278169
|
- |
|
all_video_gallery_plugin_project
|
all-video-gallery
|
SQL injection vulnerability in the All Video Gallery (all-video-gallery) plugin 1.2 for WordPress allows remote authenticated administrators to execute arbitrary SQL commands via the id parameter in …
|
CWE-89
SQL Injection
|
CVE-2014-5186
|
2024-11-21 11:11 |
2014-08-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278170
|
- |
|
quartz_plugin_project
|
quartz_plugin
|
SQL injection vulnerability in the Quartz plugin 1.01.1 for WordPress allows remote authenticated users with Contributor privileges to execute arbitrary SQL commands via the quote parameter in an edi…
|
CWE-89
SQL Injection
|
CVE-2014-5185
|
2024-11-21 11:11 |
2014-08-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
