|
276891
|
- |
|
sap
|
businessobjects_xi
businessobjects
|
SAP BusinessObjects 4.0 and BusinessObjects XI (BOXI) R2 and 3.1 generates error messages for a failed logon attempt with different time delays depending on whether the user account exists, which all…
|
CWE-200
Information Exposure
|
CVE-2014-8309
|
2024-11-21 11:18 |
2014-10-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276892
|
- |
|
sap
|
businessobjects
|
Cross-site scripting (XSS) vulnerability in the Send to Inbox functionality in SAP BusinessObjects BI EDGE 4.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2014-8308
|
2024-11-21 11:18 |
2014-10-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276893
|
- |
|
c97
|
cart_engine
|
Multiple cross-site scripting (XSS) vulnerabilities in skins/default/outline.tpl in C97net Cart Engine before 4.0 allow remote attackers to inject arbitrary web script or HTML via the (1) path parame…
|
CWE-79
Cross-site Scripting
|
CVE-2014-8307
|
2024-11-21 11:18 |
2014-10-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276894
|
- |
|
c97
|
cart_engine
|
SQL injection vulnerability in the sql_query function in cart.php in C97net Cart Engine before 4.0 allows remote attackers to execute arbitrary SQL commands via the item_id variable, as demonstrated …
|
CWE-89
SQL Injection
|
CVE-2014-8306
|
2024-11-21 11:18 |
2014-10-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276895
|
- |
|
c97
|
cart_engine
|
Open redirect vulnerability in the redir function in includes/function.php in C97net Cart Engine before 4.0 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attac…
|
NVD-CWE-Other
|
CVE-2014-8305
|
2024-11-21 11:18 |
2014-10-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276896
|
- |
|
in-portal
|
in-portal
|
Cross-site scripting (XSS) vulnerability in In-Portal CMS 5.2.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the next_template parameter to admin/index.php.
|
CWE-79
Cross-site Scripting
|
CVE-2014-8304
|
2024-11-21 11:18 |
2014-10-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276897
|
- |
|
splunk
|
splunk
|
Cross-site scripting (XSS) vulnerability in Splunk Web in Splunk Enterprise 6.1.x before 6.1.4 and 6.0.x before 6.0.6 allows remote attackers to inject arbitrary web script or HTML via vectors relate…
|
CWE-79
Cross-site Scripting
|
CVE-2014-8303
|
2024-11-21 11:18 |
2014-10-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276898
|
- |
|
splunk
|
splunk
|
Cross-site scripting (XSS) vulnerability in Splunk Web in Splunk Enterprise 6.1.x before 6.1.4, 6.0.x before 6.0.6, and 5.0.x before 5.0.10 allows remote attackers to inject arbitrary web script or H…
|
CWE-79
Cross-site Scripting
|
CVE-2014-8302
|
2024-11-21 11:18 |
2014-10-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276899
|
- |
|
splunk
|
splunk
|
Cross-site scripting (XSS) vulnerability in Splunk Web in Splunk Enterprise 5.0.x before 5.0.10 allows remote attackers to inject arbitrary web script or HTML via the HTTP Referer header.
|
CWE-79
Cross-site Scripting
|
CVE-2014-8301
|
2024-11-21 11:18 |
2014-10-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276900
|
- |
|
tigervnc
|
tigervnc
|
Integer overflow in TigerVNC allows remote VNC servers to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to screen size handling, which triggers a heap-base…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-8240
|
2024-11-21 11:18 |
2014-10-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
