|
276901
|
- |
|
drupal
|
modal_frame
|
Cross-site scripting (XSS) vulnerability in the Modal Frame API module 6.x-1.x before 6.x-1.9 for Drupal allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2014-8296
|
2024-11-21 11:18 |
2014-10-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276902
|
- |
|
bacula
|
bacula-web
|
SQL injection vulnerability in joblogs.php in Bacula-Web 5.2.10 allows remote attackers to execute arbitrary SQL commands via the jobid parameter.
|
CWE-89
SQL Injection
|
CVE-2014-8295
|
2024-11-21 11:18 |
2014-10-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276903
|
- |
|
php_resource
|
voice_of_web_allmyguests
|
Multiple SQL injection vulnerabilities in Voice Of Web AllMyGuests 0.4.1 allow remote attackers to execute arbitrary SQL commands via the (1) allmyphp_cookie cookie to admin.php or the (2) Username o…
|
CWE-89
SQL Injection
|
CVE-2014-8294
|
2024-11-21 11:18 |
2014-10-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276904
|
- |
|
php_resource
|
voice_of_web_allmyguests
|
Cross-site scripting (XSS) vulnerability in Voice Of Web AllMyGuests 0.4.1 allows remote attackers to inject arbitrary web script or HTML via the AMG_signin_topic parameter to index.php.
|
CWE-79
Cross-site Scripting
|
CVE-2014-8293
|
2024-11-21 11:18 |
2014-10-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276905
|
- |
|
yootheme
|
pagekit
|
Open redirect vulnerability in YOOtheme Pagekit CMS 0.8.7 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the redirect parameter to index.ph…
|
NVD-CWE-Other
|
CVE-2014-8070
|
2024-11-21 11:18 |
2014-10-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276906
|
- |
|
yootheme
|
pagekit
|
Multiple cross-site scripting (XSS) vulnerabilities in YOOtheme Pagekit CMS 0.8.7 allow remote attackers to inject arbitrary web script or HTML via the (1) HTTP Referer header to index.php/user or (2…
|
CWE-79
Cross-site Scripting
|
CVE-2014-8069
|
2024-11-21 11:18 |
2014-10-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276907
|
4.7 |
MEDIUM
Local
|
linux
suse
|
linux_kernel
suse_linux_enterprise_server
|
Race condition in the ext4_file_write_iter function in fs/ext4/file.c in the Linux kernel through 3.17 allows local users to cause a denial of service (file unavailability) via a combination of a wri…
|
CWE-362
Race Condition
|
CVE-2014-8086
|
2024-11-21 11:18 |
2014-10-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276908
|
5.5 |
MEDIUM
Local
|
linux
canonical
|
linux_kernel
ubuntu_linux
|
The do_umount function in fs/namespace.c in the Linux kernel through 3.17 does not require the CAP_SYS_ADMIN capability for do_remount_sb calls that change the root filesystem to read-only, which all…
|
NVD-CWE-noinfo
|
CVE-2014-7975
|
2024-11-21 11:18 |
2014-10-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276909
|
5.5 |
MEDIUM
Local
|
novell
linux
canonical
|
suse_linux_enterprise_server
linux_kernel
ubuntu_linux
|
The pivot_root implementation in fs/namespace.c in the Linux kernel through 3.17 does not properly interact with certain locations of a chroot directory, which allows local users to cause a denial of…
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2014-7970
|
2024-11-21 11:18 |
2014-10-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276910
|
- |
|
drupal
|
mayo
|
Cross-site scripting (XSS) vulnerability in the MAYO theme 7.x-1.x before 7.x-1.3 for Drupal allows remote authenticated users with the "administer themes" permission to inject arbitrary web script o…
|
CWE-79
Cross-site Scripting
|
CVE-2014-8079
|
2024-11-21 11:18 |
2014-10-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
