|
279371
|
- |
|
phpmyadmin
|
phpmyadmin
|
Cross-site scripting (XSS) vulnerability in the PMA_getHtmlForActionLinks function in libraries/structure.lib.php in phpMyAdmin 4.2.x before 4.2.6 allows remote authenticated users to inject arbitrar…
|
CWE-79
Cross-site Scripting
|
CVE-2014-4954
|
2024-11-21 11:11 |
2014-07-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279372
|
- |
|
linux
suse
opensuse
redhat
debian
|
linux_kernel
linux_enterprise_desktop
linux_enterprise_server
opensuse
enterprise_linux_server_aus
debian_linux
|
The PPPoL2TP feature in net/l2tp/l2tp_ppp.c in the Linux kernel through 3.15.6 allows local users to gain privileges by leveraging data-structure differences between an l2tp socket and an inet socket.
|
CWE-269
Improper Privilege Management
|
CVE-2014-4943
|
2024-11-21 11:11 |
2014-07-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279373
|
- |
|
sonicwall
|
scrutinizer
|
Multiple SQL injection vulnerabilities in Dell SonicWall Scrutinizer 11.0.1 allow remote authenticated users to execute arbitrary SQL commands via the (1) selectedUserGroup parameter in a create new …
|
CWE-89
SQL Injection
|
CVE-2014-4977
|
2024-11-21 11:11 |
2014-07-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279374
|
- |
|
sonicwall
|
scrutinizer
|
Dell SonicWall Scrutinizer 11.0.1 allows remote authenticated users to change user passwords via the user ID in the savePrefs parameter in a change password request to cgi-bin/admin.cgi.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-4976
|
2024-11-21 11:11 |
2014-07-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279375
|
- |
|
shopizer
|
shopizer
|
Multiple cross-site scripting (XSS) vulnerabilities in Shopizer 1.1.5 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) customername parameter to central/orders/se…
|
CWE-79
Cross-site Scripting
|
CVE-2014-4965
|
2024-11-21 11:11 |
2014-07-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279376
|
- |
|
shopizer
|
shopizer
|
Multiple cross-site request forgery (CSRF) vulnerabilities in Shopizer 1.1.5 and earlier allow remote attackers to hijack the authentication of users for requests that (1) modify customer settings or…
|
CWE-352
Origin Validation Error
|
CVE-2014-4964
|
2024-11-21 11:11 |
2014-07-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279377
|
- |
|
shopizer
|
shopizer
|
Shopizer 1.1.5 and earlier allows remote attackers to modify the account settings of arbitrary users via the customer.customerId parameter to shop/profile/register.action.
|
NVD-CWE-noinfo
|
CVE-2014-4963
|
2024-11-21 11:11 |
2014-07-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279378
|
- |
|
shopizer
|
shopizer
|
Shopizer 1.1.5 and earlier allows remote attackers to reduce the total cost of their shopping cart via a negative number in the productQuantity parameter, which causes the price of the item to be sub…
|
CWE-189
Numeric Errors
|
CVE-2014-4962
|
2024-11-21 11:11 |
2014-07-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279379
|
- |
|
horde
|
internet_mail_program
groupware
|
Multiple cross-site scripting (XSS) vulnerabilities in Horde Internet Mail Program (IMP) before 6.1.8, as used in Horde Groupware Webmail Edition before 5.1.5, allow remote attackers to inject arbitr…
|
CWE-79
Cross-site Scripting
|
CVE-2014-4946
|
2024-11-21 11:11 |
2014-07-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279380
|
- |
|
horde
|
internet_mail_program
groupware
|
Multiple cross-site scripting (XSS) vulnerabilities in Horde Internet Mail Program (IMP) before 6.1.8, as used in Horde Groupware Webmail Edition before 5.1.5, allow remote attackers to inject arbitr…
|
CWE-79
Cross-site Scripting
|
CVE-2014-4945
|
2024-11-21 11:11 |
2014-07-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
