|
279331
|
- |
|
apple
canonical
|
cups
ubuntu_linux
|
The web interface in CUPS 1.7.4 allows local users in the lp group to read arbitrary files via a symlink attack on a file in /var/cache/cups/rss/ and language[0] set to null. NOTE: this vulnerabilit…
|
CWE-59
Link Following
|
CVE-2014-5029
|
2024-11-21 11:11 |
2014-07-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279332
|
- |
|
canonical
fedoraproject
gentoo
transmissionbt
|
ubuntu_linux
fedora
linux
transmission
|
Integer overflow in the tr_bitfieldEnsureNthBitAlloced function in bitfield.c in Transmission before 2.84 allows remote attackers to cause a denial of service and possibly execute arbitrary code via …
|
CWE-189
Numeric Errors
|
CVE-2014-4909
|
2024-11-21 11:11 |
2014-07-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279333
|
- |
|
visualware
|
myconnection_server
|
Multiple cross-site scripting (XSS) vulnerabilities in test.php in Visualware MyConnection Server 9.7i allow remote attackers to inject arbitrary web script or HTML via the (1) testtype, (2) ver, (3)…
|
CWE-79
Cross-site Scripting
|
CVE-2014-5113
|
2024-11-21 11:11 |
2014-07-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279334
|
- |
|
netfortris
|
trixbox
|
maint/modules/home/index.php in Fonality trixbox allows remote attackers to execute arbitrary commands via shell metacharacters in the lang parameter.
|
CWE-94
Code Injection
|
CVE-2014-5112
|
2024-11-21 11:11 |
2014-07-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279335
|
- |
|
netfortris
|
trixbox
|
Multiple directory traversal vulnerabilities in Fonality trixbox allow remote attackers to read arbitrary files via a .. (dot dot) in the lang parameter to (1) home/index.php, (2) asterisk_info/aster…
|
CWE-22
Path Traversal
|
CVE-2014-5111
|
2024-11-21 11:11 |
2014-07-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279336
|
- |
|
netfortris
|
trixbox
|
Cross-site scripting (XSS) vulnerability in user/help/html/index.php in Fonality trixbox allows remote attackers to inject arbitrary web script or HTML via the id_nodo parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2014-5110
|
2024-11-21 11:11 |
2014-07-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279337
|
- |
|
netfortris
|
trixbox
|
SQL injection vulnerability in maint/modules/endpointcfg/endpoint_generic.php in Fonality trixbox allows remote attackers to execute arbitrary SQL commands via the mac parameter in a Submit action.
|
CWE-89
SQL Injection
|
CVE-2014-5109
|
2024-11-21 11:11 |
2014-07-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279338
|
- |
|
concrete5
concretecms
|
concrete5
concrete_cms
|
Cross-site scripting (XSS) vulnerability in single_pages\download_file.php in concrete5 before 5.6.3 allows remote attackers to inject arbitrary web script or HTML via the HTTP Referer header to inde…
|
CWE-79
Cross-site Scripting
|
CVE-2014-5108
|
2024-11-21 11:11 |
2014-07-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279339
|
- |
|
concrete5
concretecms
|
concrete5
concrete_cms
|
concrete5 before 5.6.3 allows remote attackers to obtain the installation path via a direct request to (1) system/basics/editor.php, (2) system/view.php, (3) system/environment/file_storage_locations…
|
CWE-200
Information Exposure
|
CVE-2014-5107
|
2024-11-21 11:11 |
2014-07-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279340
|
- |
|
invisioncommunity
|
invision_power_board
|
Cross-site scripting (XSS) vulnerability in Invision Power IP.Board (aka IPB or Power Board) 3.4.x through 3.4.6 allows remote attackers to inject arbitrary web script or HTML via the HTTP Referer he…
|
CWE-79
Cross-site Scripting
|
CVE-2014-5106
|
2024-11-21 11:11 |
2014-07-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
