|
279381
|
- |
|
bannersky
|
bsk_pdf_manager
|
Multiple SQL injection vulnerabilities in inc/bsk-pdf-dashboard.php in the BSK PDF Manager plugin 1.3.2 for WordPress allow remote authenticated users to execute arbitrary SQL commands via the (1) ca…
|
CWE-89
SQL Injection
|
CVE-2014-4944
|
2024-11-21 11:11 |
2014-07-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279382
|
- |
|
levelfourdevelopment
|
wp-easycart
|
The EasyCart (wp-easycart) plugin before 2.0.6 for WordPress allows remote attackers to obtain configuration information via a direct request to inc/admin/phpinfo.php, which calls the phpinfo functio…
|
CWE-200
Information Exposure
|
CVE-2014-4942
|
2024-11-21 11:11 |
2014-07-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279383
|
- |
|
cross-rss_plugin_project
|
wp-cross-rss
|
Absolute path traversal vulnerability in Cross-RSS (wp-cross-rss) plugin 1.7 for WordPress allows remote attackers to read arbitrary files via a full pathname in the rss parameter to proxy.php.
|
CWE-22
Path Traversal
|
CVE-2014-4941
|
2024-11-21 11:11 |
2014-07-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279384
|
- |
|
tera_charts_plugin_project
|
tera-charts
|
Multiple directory traversal vulnerabilities in Tera Charts (tera-charts) plugin 0.1 for WordPress allow remote attackers to read arbitrary files via a .. (dot dot) in the fn parameter to (1) charts/…
|
CWE-22
Path Traversal
|
CVE-2014-4940
|
2024-11-21 11:11 |
2014-07-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279385
|
- |
|
enl_newsletter_plugin_project
|
enl-newsletter
|
SQL injection vulnerability in the ENL Newsletter (enl-newsletter) plugin 1.0.1 for WordPress allows remote authenticated administrators to execute arbitrary SQL commands via the id parameter in the …
|
CWE-89
SQL Injection
|
CVE-2014-4939
|
2024-11-21 11:11 |
2014-07-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279386
|
- |
|
wp_rss_poster_plugin_project
|
wp-rss-poster
|
SQL injection vulnerability in the WP Rss Poster (wp-rss-poster) plugin 1.0.0 for WordPress allows remote attackers to execute arbitrary SQL commands via the id parameter in the wrp-add-new page to w…
|
CWE-89
SQL Injection
|
CVE-2014-4938
|
2024-11-21 11:11 |
2014-07-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279387
|
- |
|
bookx_plugin_project
|
bookx
|
Directory traversal vulnerability in includes/bookx_export.php BookX plugin 1.7 for WordPress allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter.
|
CWE-22
Path Traversal
|
CVE-2014-4937
|
2024-11-21 11:11 |
2014-07-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279388
|
- |
|
pnp4nagios
|
pnp4nagios
|
Multiple cross-site scripting (XSS) vulnerabilities in PNP4Nagios through 0.6.22 allow remote attackers to inject arbitrary web script or HTML via the URI used for reaching (1) share/pnp/application/…
|
CWE-79
Cross-site Scripting
|
CVE-2014-4908
|
2024-11-21 11:11 |
2014-07-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279389
|
- |
|
op5
pnp4nagios
|
monitor
pnp4nagios
|
Cross-site scripting (XSS) vulnerability in share/pnp/application/views/kohana_error_page.php in PNP4Nagios before 0.6.22 allows remote attackers to inject arbitrary web script or HTML via a paramete…
|
CWE-79
Cross-site Scripting
|
CVE-2014-4907
|
2024-11-21 11:11 |
2014-07-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279390
|
9.8 |
CRITICAL
Network
|
python
redhat
|
python
enterprise_linux
software_collections
|
The CGIHTTPServer module in Python 2.7.5 and 3.3.4 does not properly handle URLs in which URL encoding is used for path separators, which allows remote attackers to read script source code or conduct…
|
CWE-22
Path Traversal
|
CVE-2014-4650
|
2024-11-21 11:10 |
2020-02-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
