|
279401
|
- |
|
ajaydsouza
|
contextual_related_posts
|
SQL injection vulnerability in the Contextual Related Posts plugin before 1.8.10.2 for WordPress allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
|
CWE-89
SQL Injection
|
CVE-2014-3937
|
2024-11-21 11:09 |
2014-06-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279402
|
- |
|
dlink
|
dir505_shareport_mobile_companion_firmware
dir505_shareport_mobile_companion
dir505l_shareport_mobile_companion_firmware
dir-505l_shareport_mobile_companion
dsp-w215_firmware
dsp-w215
|
Stack-based buffer overflow in the do_hnap function in www/my_cgi.cgi in D-Link DSP-W215 (Rev. A1) with firmware 1.01b06 and earlier, DIR-505 with firmware before 1.08b10, and DIR-505L with firmware …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-3936
|
2024-11-21 11:09 |
2014-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279403
|
- |
|
xoops
|
glossaire_module
|
SQL injection vulnerability in glossaire-aff.php in the Glossaire module 1.0 for XOOPS allows remote attackers to execute arbitrary SQL commands via the lettre parameter.
|
CWE-89
SQL Injection
|
CVE-2014-3935
|
2024-11-21 11:09 |
2014-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279404
|
- |
|
phpnuke
|
php-nuke
submit_news_module
|
SQL injection vulnerability in the Submit_News module for PHP-Nuke 8.3 allows remote attackers to execute arbitrary SQL commands via the topics[] parameter to modules.php.
|
CWE-89
SQL Injection
|
CVE-2014-3934
|
2024-11-21 11:09 |
2014-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279405
|
- |
|
newsignature
|
addressfield_tokens
|
Cross-site scripting (XSS) vulnerability in the address components field formatter in the AddressField Tokens module 7.x-1.x before 7.x-1.4 for Drupal allows remote authenticated users to inject arbi…
|
CWE-79
Cross-site Scripting
|
CVE-2014-3933
|
2024-11-21 11:09 |
2014-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279406
|
- |
|
cososys
|
endpoint_protector
|
SQL injection vulnerability in the device registration component in wsf/webservice.php in CoSoSys Endpoint Protector 4 4.3.0.4 and 4.4.0.2 allows remote attackers to execute arbitrary SQL commands vi…
|
CWE-89
SQL Injection
|
CVE-2014-3932
|
2024-11-21 11:09 |
2014-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279407
|
- |
|
canonical
redhat
|
ubuntu_linux
sos
|
sosreport in Red Hat sos 1.7 and earlier on Red Hat Enterprise Linux (RHEL) 5 produces an archive with an fstab file potentially containing cleartext passwords, and lacks a warning about reviewing th…
|
CWE-255
Credentials Management
|
CVE-2014-3925
|
2024-11-21 11:09 |
2014-06-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279408
|
- |
|
debian
|
dpkg-dev
|
Multiple directory traversal vulnerabilities in dpkg-source in dpkg-dev 1.3.0 allow remote attackers to modify files outside of the intended directories via a source package with a crafted Index: pse…
|
CWE-22
Path Traversal
|
CVE-2014-3865
|
2024-11-21 11:09 |
2014-05-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279409
|
- |
|
debian
|
dpkg-dev
|
Directory traversal vulnerability in dpkg-source in dpkg-dev 1.3.0 allows remote attackers to modify files outside of the intended directories via a crafted source package that lacks a --- header lin…
|
CWE-22
Path Traversal
|
CVE-2014-3864
|
2024-11-21 11:09 |
2014-05-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279410
|
- |
|
webmin
|
webmin
userwin
|
Multiple cross-site scripting (XSS) vulnerabilities in Webmin before 1.690 and Usermin before 1.600 allow remote attackers to inject arbitrary web script or HTML via vectors related to popup windows.
|
CWE-79
Cross-site Scripting
|
CVE-2014-3924
|
2024-11-21 11:09 |
2014-05-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
