|
279191
|
- |
|
blackcat-cms
|
blackcat_cms
|
Cross-site scripting (XSS) vulnerability in cattranslate.php in the CatTranslate JQuery plugin in BlackCat CMS 1.0.3 and earlier allows remote attackers to inject arbitrary web script or HTML via the…
|
CWE-79
Cross-site Scripting
|
CVE-2014-5259
|
2024-11-21 11:11 |
2014-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279192
|
- |
|
sos
|
jobscheduler
|
Directory traversal vulnerability in the JobScheduler Operations Center (JOC) in SOS JobScheduler before 1.6.4246 and 1.7.x before 1.7.4241 allows remote authenticated users with the info permission …
|
CWE-22
Path Traversal
|
CVE-2014-5393
|
2024-11-21 11:11 |
2014-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279193
|
- |
|
sos
|
jobscheduler
|
Cross-site scripting (XSS) vulnerability in the JobScheduler Operations Center (JOC) in SOS JobScheduler before 1.6.4246 and 1.7.x before 1.7.4241 allows remote attackers to inject arbitrary web scri…
|
CWE-79
Cross-site Scripting
|
CVE-2014-5391
|
2024-11-21 11:11 |
2014-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279194
|
- |
|
avolvesoftware
|
projectdox
|
Cross-site scripting (XSS) vulnerability in Avolve Software ProjectDox 8.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2014-5129
|
2024-11-21 11:11 |
2014-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279195
|
- |
|
cacheguard
|
cacheguardos
|
Cross-site request forgery (CSRF) vulnerability in gui/password-wadmin.apl in CacheGuard OS 5.7.7 allows remote attackers to hijack the authentication of arbitrary users.
|
CWE-352
Origin Validation Error
|
CVE-2014-4865
|
2024-11-21 11:11 |
2014-09-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279196
|
- |
|
sixapart
|
movabletype
|
Cross-site scripting (XSS) vulnerability in the management page in Six Apart Movable Type before 5.2 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2014-5313
|
2024-11-21 11:11 |
2014-09-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279197
|
- |
|
netgear
|
prosafe_firmware
|
The NETGEAR ProSafe Plus Configuration Utility creates configuration backup files containing cleartext passwords, which might allow remote attackers to obtain sensitive information by reading a file.
|
CWE-255
Credentials Management
|
CVE-2014-4864
|
2024-11-21 11:11 |
2014-09-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279198
|
- |
|
enigmail
|
enigmail
|
Enigmail 1.7.x before 1.7.2 sends emails in plaintext when encryption is enabled and only BCC recipients are specified, which allows remote attackers to obtain sensitive information by sniffing the n…
|
CWE-310
Cryptographic Issues
|
CVE-2014-5369
|
2024-11-21 11:11 |
2014-09-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279199
|
- |
|
nodejs
|
nodejs
|
Node.js 0.8 before 0.8.28 and 0.10 before 0.10.30 does not consider the possibility of recursive processing that triggers V8 garbage collection in conjunction with a V8 interrupt, which allows remote…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-5256
|
2024-11-21 11:11 |
2014-09-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279200
|
- |
|
arris
|
touchstone_dg950a_software
touchstone_dg950a
|
The Arris Touchstone DG950A cable modem with software 7.10.131 has an SNMP community of public, which allows remote attackers to obtain sensitive password, key, and SSID information via an SNMP reque…
|
CWE-200
Information Exposure
|
CVE-2014-4863
|
2024-11-21 11:11 |
2014-09-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
