|
279341
|
- |
|
sap
|
supplier_relationship_management
|
Cross-site scripting (XSS) vulnerability in la/umTestSSO.jsp in SAP Supplier Relationship Management (SRM) allows remote attackers to inject arbitrary web script or HTML via the url parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2014-4161
|
2024-11-21 11:09 |
2014-06-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279342
|
- |
|
sap
|
netweaver_business_client
|
Multiple cross-site scripting (XSS) vulnerabilities in the testcanvas node in SAP NetWeaver Business Client (NWBC) allow remote attackers to inject arbitrary web script or HTML via the (1) title or (…
|
CWE-79
Cross-site Scripting
|
CVE-2014-4160
|
2024-11-21 11:09 |
2014-06-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279343
|
- |
|
sap
|
supplier_relationship_management
|
Open redirect vulnerability in in la/umTestSSO.jsp in SAP Supplier Relationship Management (SRM) allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a …
|
NVD-CWE-Other
|
CVE-2014-4159
|
2024-11-21 11:09 |
2014-06-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279344
|
- |
|
senkas
|
kolibri
|
Stack-based buffer overflow in Kolibri 2.0 allows remote attackers to execute arbitrary code via a long URI in a GET request.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-4158
|
2024-11-21 11:09 |
2014-06-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279345
|
- |
|
isc
|
bind
|
libdns in ISC BIND 9.10.0 before P2 does not properly handle EDNS options, which allows remote attackers to cause a denial of service (REQUIRE assertion failure and daemon exit) via a crafted packet,…
|
CWE-20
Improper Input Validation
|
CVE-2014-3859
|
2024-11-21 11:09 |
2014-06-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279346
|
- |
|
ckeditor
|
fckeditor
|
Cross-site scripting (XSS) vulnerability in editor/dialog/fck_spellerpages/spellerpages/server-scripts/spellchecker.php in FCKeditor before 2.6.11 and earlier allows remote attackers to inject arbitr…
|
CWE-79
Cross-site Scripting
|
CVE-2014-4037
|
2024-11-21 11:09 |
2014-06-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279347
|
- |
|
impresscms
|
impresscms
|
Cross-site scripting (XSS) vulnerability in modules/system/admin.php in ImpressCMS 1.3.6.1 allows remote attackers to inject arbitrary web script or HTML via the query parameter in a listimg action.
|
CWE-79
Cross-site Scripting
|
CVE-2014-4036
|
2024-11-21 11:09 |
2014-06-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279348
|
- |
|
bestsoftinc
|
advance_hotel_booking_system
|
Cross-site scripting (XSS) vulnerability in booking_details.php in Best Soft Inc. (BSI) Advance Hotel Booking System 2.0 allows remote attackers to inject arbitrary web script or HTML via the title p…
|
CWE-79
Cross-site Scripting
|
CVE-2014-4035
|
2024-11-21 11:09 |
2014-06-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279349
|
- |
|
aas9
|
zerocms
|
SQL injection vulnerability in zero_view_article.php in ZeroCMS 1.0 allows remote attackers to execute arbitrary SQL commands via the article_id parameter.
|
CWE-89
SQL Injection
|
CVE-2014-4034
|
2024-11-21 11:09 |
2014-06-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279350
|
- |
|
efrontlearning
|
efront
|
Cross-site scripting (XSS) vulnerability in libraries/includes/personal/profile.php in Epignosis eFront 3.6.14.4 allows remote attackers to inject arbitrary web script or HTML via the surname paramet…
|
CWE-79
Cross-site Scripting
|
CVE-2014-4033
|
2024-11-21 11:09 |
2014-06-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
