|
279281
|
- |
|
compfight_project
|
compfight
|
Cross-site scripting (XSS) vulnerability in compfight-search.php in the Compfight plugin 1.4 for WordPress allows remote authenticated users to inject arbitrary web script or HTML via the search-valu…
|
CWE-79
Cross-site Scripting
|
CVE-2014-5202
|
2024-11-21 11:11 |
2014-08-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279282
|
- |
|
gallery_objects_project
|
gallery_objects
|
SQL injection vulnerability in the Gallery Objects plugin 0.4 for WordPress allows remote attackers to execute arbitrary SQL commands via the viewid parameter in a go_view_object action to wp-admin/a…
|
CWE-89
SQL Injection
|
CVE-2014-5201
|
2024-11-21 11:11 |
2014-08-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279283
|
- |
|
fb_gorilla_project
|
fb_gorilla
|
SQL injection vulnerability in game_play.php in the FB Gorilla plugin for WordPress allows remote attackers to execute arbitrary SQL commands via the id parameter.
|
CWE-89
SQL Injection
|
CVE-2014-5200
|
2024-11-21 11:11 |
2014-08-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279284
|
- |
|
wordpress_file_upload_project
|
wordpress_file_upload
|
Cross-site request forgery (CSRF) vulnerability in the WordPress File Upload plugin (wp-file-upload) before 2.4.2 for WordPress allows remote attackers to hijack the authentication of administrators …
|
CWE-352
Origin Validation Error
|
CVE-2014-5199
|
2024-11-21 11:11 |
2014-08-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279285
|
- |
|
splunk
|
splunk
|
Cross-site scripting (XSS) vulnerability in Splunk Web in Splunk Enterprise 6.1.x before 6.1.3 allows remote attackers to inject arbitrary web script or HTML via the Referer HTTP header.
|
CWE-79
Cross-site Scripting
|
CVE-2014-5198
|
2024-11-21 11:11 |
2014-08-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279286
|
- |
|
splunk
|
splunk
|
Directory traversal vulnerability in (1) Splunk Web or the (2) Splunkd HTTP Server in Splunk Enterprise 6.1.x before 6.1.3 allows remote authenticated users to read arbitrary files via a .. (dot dot)…
|
CWE-22
Path Traversal
|
CVE-2014-5197
|
2024-11-21 11:11 |
2014-08-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279287
|
- |
|
improved_user_search_in_backend_project
|
improved_user_search_in_backend
|
Cross-site request forgery (CSRF) vulnerability in improved-user-search-in-backend.php in the backend in the Improved user search in backend plugin before 1.2.5 for WordPress allows remote attackers …
|
CWE-79
Cross-site Scripting
|
CVE-2014-5196
|
2024-11-21 11:11 |
2014-08-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279288
|
- |
|
ayatana_project
|
unity
|
Unity before 7.2.3 and 7.3.x before 7.3.1, as used in Ubuntu, does not properly take focus of the keyboard when switching to the lock screen, which allows physically proximate attackers to bypass the…
|
CWE-362
Race Condition
|
CVE-2014-5195
|
2024-11-21 11:11 |
2014-08-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279289
|
- |
|
sphider
|
sphider
|
Static code injection vulnerability in admin/admin.php in Sphider 1.3.6 allows remote authenticated users to inject arbitrary PHP code into settings/conf.php via the _word_upper_bound parameter.
|
CWE-94
Code Injection
|
CVE-2014-5194
|
2024-11-21 11:11 |
2014-08-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279290
|
- |
|
sphider
|
sphider
|
Cross-site scripting (XSS) vulnerability in admin/admin.php in Sphider 1.3.6 allows remote attackers to inject arbitrary web script or HTML via the category parameter. NOTE: the url parameter vector…
|
CWE-79
Cross-site Scripting
|
CVE-2014-5193
|
2024-11-21 11:11 |
2014-08-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
