|
279141
|
- |
|
closeprotectionworld
|
cpworld_close_protection_world
|
The CPWORLD Close Protection World (aka com.tapatalk.closeprotectionworldcom) application 3.4.4 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attacke…
|
CWE-310
Cryptographic Issues
|
CVE-2014-4885
|
2024-11-21 11:11 |
2014-10-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279142
|
- |
|
conrad_hotel_project
|
conrad_hotel
|
The Conrad Hotel (aka com.wConradHotel) application 0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive…
|
CWE-310
Cryptographic Issues
|
CVE-2014-4884
|
2024-11-21 11:11 |
2014-10-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279143
|
- |
|
date_project
|
date
|
Cross-site scripting (XSS) vulnerability in the Date module before 7.x-2.8 for Drupal allows remote authenticated users with the permission to create a date field to inject arbitrary web script or HT…
|
CWE-79
Cross-site Scripting
|
CVE-2014-5169
|
2024-11-21 11:11 |
2014-10-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279144
|
- |
|
debian
cacti
opensuse
|
debian_linux
cacti
opensuse
|
Multiple cross-site scripting (XSS) vulnerabilities in Cacti 0.8.8b allow remote authenticated users with console access to inject arbitrary web script or HTML via a (1) Graph Tree Title in a delete …
|
CWE-79
Cross-site Scripting
|
CVE-2014-5026
|
2024-11-21 11:11 |
2014-10-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279145
|
- |
|
debian
opensuse
cacti
|
debian_linux
opensuse
cacti
|
Cross-site scripting (XSS) vulnerability in data_sources.php in Cacti 0.8.8b allows remote authenticated users with console access to inject arbitrary web script or HTML via the name_cache parameter …
|
CWE-79
Cross-site Scripting
|
CVE-2014-5025
|
2024-11-21 11:11 |
2014-10-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279146
|
- |
|
pro_chat_rooms
|
text_chat_rooms
|
Multiple cross-site scripting (XSS) vulnerabilities in Pro Chat Rooms Text Chat Rooms 8.2.0 allow remote authenticated users to inject arbitrary web script or HTML via (1) an uploaded profile picture…
|
CWE-79
Cross-site Scripting
|
CVE-2014-5276
|
2024-11-21 11:11 |
2014-10-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279147
|
- |
|
prochatrooms
|
text_chat_rooms
|
Multiple SQL injection vulnerabilities in includes/functions.php in Pro Chat Rooms Text Chat Rooms 8.2.0 allow remote authenticated users to execute arbitrary SQL commands via the (1) password, (2) e…
|
CWE-89
SQL Injection
|
CVE-2014-5275
|
2024-11-21 11:11 |
2014-10-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279148
|
- |
|
jamroom
|
search_module
|
Cross-site scripting (XSS) vulnerability in the Search module before 1.2.2 in Jamroom allows remote attackers to inject arbitrary web script or HTML via the query string to search/results/.
|
CWE-79
Cross-site Scripting
|
CVE-2014-5098
|
2024-11-21 11:11 |
2014-10-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279149
|
- |
|
status2k
|
status2k
|
Status2k allows remote attackers to obtain configuration information via a phpinfo action in a request to status/index.php, which calls the phpinfo function.
|
CWE-200
Information Exposure
|
CVE-2014-5094
|
2024-11-21 11:11 |
2014-10-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279150
|
- |
|
aptana
|
aflax
|
Cross-site scripting (XSS) vulnerability in Aflax allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2014-5331
|
2024-11-21 11:11 |
2014-10-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
