|
279481
|
- |
|
adaptivecomputing
|
moab
|
The server in Adaptive Computing Moab before 7.2.9 and 8 before 8.0.0 does not properly validate the message owner matches the submitting user, which allows remote authenticated users to impersonate …
|
CWE-20
Improper Input Validation
|
CVE-2014-5375
|
2024-11-21 11:11 |
2014-10-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279482
|
- |
|
adaptivecomputing
|
moab
|
Adaptive Computing Moab before 7.2.9 and 8 before 8.0.0 allows remote attackers to bypass the signature check, impersonate arbitrary users, and execute commands via a message without a signature.
|
CWE-287
Improper Authentication
|
CVE-2014-5300
|
2024-11-21 11:11 |
2014-10-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279483
|
- |
|
testlink
|
testlink
|
Multiple SQL injection vulnerabilities in TestLink 1.9.11 allow remote authenticated users to execute arbitrary SQL commands via the (1) name parameter in a Search action to lib/project/projectView.p…
|
CWE-89
SQL Injection
|
CVE-2014-5308
|
2024-11-21 11:11 |
2014-10-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279484
|
- |
|
netcommwireless
|
nb604n_firmware
nb604n
|
Cross-site scripting (XSS) vulnerability in wlsecurity.html on NetCommWireless NB604N routers with firmware before GAN5.CZ56T-B-NC.AU-R4B030.EN allows remote attackers to inject arbitrary web script …
|
CWE-79
Cross-site Scripting
|
CVE-2014-4871
|
2024-11-21 11:11 |
2014-10-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279485
|
- |
|
brocade
|
vyatta_5400_vrouter_software
vyatta_5400_vrouter
|
/opt/vyatta/bin/sudo-users/vyatta-clear-dhcp-lease.pl on the Brocade Vyatta 5400 vRouter 6.4R(x), 6.6R(x), and 6.7R1 does not properly validate parameters, which allows local users to gain privileges…
|
CWE-20
Improper Input Validation
|
CVE-2014-4870
|
2024-11-21 11:11 |
2014-10-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279486
|
- |
|
brocade
|
vyatta_5400_vrouter_software
vyatta_5400_vrouter
|
The Brocade Vyatta 5400 vRouter 6.4R(x), 6.6R(x), and 6.7R1 allows attackers to obtain sensitive encrypted-password information by leveraging membership in the operator group.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-4869
|
2024-11-21 11:11 |
2014-10-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279487
|
- |
|
brocade
|
vyatta_5400_vrouter_software
vyatta_5400_vrouter
|
The management console on the Brocade Vyatta 5400 vRouter 6.4R(x), 6.6R(x), and 6.7R1 allows remote authenticated users to execute arbitrary Linux commands via shell metacharacters in a console comma…
|
CWE-78
OS Command
|
CVE-2014-4868
|
2024-11-21 11:11 |
2014-10-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279488
|
- |
|
content_audit_project
|
content_audit
|
SQL injection vulnerability in content-audit-schedule.php in the Content Audit plugin before 1.6.1 for WordPress allows remote attackers to execute arbitrary SQL commands via the "Audited content typ…
|
CWE-89
SQL Injection
|
CVE-2014-5389
|
2024-11-21 11:11 |
2014-10-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279489
|
- |
|
rockwellautomation
|
ab_micrologix_controller
|
The DNP3 feature on Rockwell Automation Allen-Bradley MicroLogix 1400 1766-Lxxxxx A FRN controllers 7 and earlier and 1400 1766-Lxxxxx B FRN controllers before 15.001 allows remote attackers to cause…
|
CWE-399
Resource Management Errors
|
CVE-2014-5410
|
2024-11-21 11:11 |
2014-10-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279490
|
- |
|
drupal
|
drupal
|
modules/openid/xrds.inc in Drupal 6.x before 6.33 and 7.x before 7.31 allows remote attackers to have unspecified impact via a crafted DOCTYPE declaration in an XRDS document.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-5267
|
2024-11-21 11:11 |
2014-09-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
