|
279691
|
- |
|
citrix
|
netscaler_access_gateway_firmware
netscaler_access_gateway
netscaler_application_delivery_controller_firmware
netscaler_application_delivery_controller
|
Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway (formerly Access Gateway Enterprise Edition) before 9.3-62.4 and 10.x before 10.1-126.12 allows attackers to obtain sensit…
|
CWE-200
Information Exposure
|
CVE-2014-4347
|
2024-11-21 11:10 |
2014-07-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279692
|
- |
|
citrix
|
netscaler_application_delivery_controller_firmware
netscaler_application_delivery_controller
netscaler_access_gateway_firmware
netscaler_access_gateway
|
Cross-site scripting (XSS) vulnerability in administration user interface in Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway (formerly Access Gateway Enterprise Edition) …
|
CWE-79
Cross-site Scripting
|
CVE-2014-4346
|
2024-11-21 11:10 |
2014-07-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279693
|
- |
|
binarymoon
|
timthumb
wordthumb
|
TimThumb 2.8.13 and WordThumb 1.07, when Webshot (aka Webshots) is enabled, allows remote attackers to execute arbitrary commands via shell metacharacters in the src parameter.
|
CWE-94
Code Injection
|
CVE-2014-4663
|
2024-11-21 11:10 |
2014-07-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279694
|
- |
|
fortinet
|
fortiweb
|
Multiple cross-site scripting (XSS) vulnerabilities in FortiGuard FortiWeb 5.0.x, 5.1.x, and 5.2.x before 5.2.1 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors t…
|
CWE-79
Cross-site Scripting
|
CVE-2014-4738
|
2024-11-21 11:10 |
2014-07-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279695
|
- |
|
citrix
|
xendesktop
|
Citrix XenDesktop 7.x, 5.x, and 4.x, when pooled random desktop groups is enabled and ShutdownDesktopsAfterUse is disabled, allows local guest users to gain access to another user's desktop via unspe…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-4700
|
2024-11-21 11:10 |
2014-07-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279696
|
- |
|
polldaddy_polls_\&_ratings_plugin_project
|
polldaddy_polls_\&_ratings
|
Cross-site scripting (XSS) vulnerability in the Polldaddy Polls & Ratings plugin before 2.0.25 for WordPress allows remote attackers to inject arbitrary web script or HTML via vectors related to a ra…
|
CWE-79
Cross-site Scripting
|
CVE-2014-4856
|
2024-11-21 11:10 |
2014-07-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279697
|
- |
|
polylang_plugin_project
|
polylang
|
Cross-site scripting (XSS) vulnerability in the Polylang plugin before 1.5.2 for WordPress allows remote attackers to inject arbitrary web script or HTML via vectors related to a user description. N…
|
CWE-79
Cross-site Scripting
|
CVE-2014-4855
|
2024-11-21 11:10 |
2014-07-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279698
|
- |
|
smartcatdesign
|
wp_contruction_mode
|
Cross-site scripting (XSS) vulnerability in the WP Construction Mode plugin 1.8 for WordPress allows remote attackers to inject arbitrary web script or HTML via the wuc_logo parameter in a save actio…
|
CWE-79
Cross-site Scripting
|
CVE-2014-4854
|
2024-11-21 11:10 |
2014-07-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279699
|
- |
|
opendocman
|
opendocman
|
Cross-site scripting (XSS) vulnerability in odm-init.php in OpenDocMan before 1.2.7.3 allows remote authenticated users to inject arbitrary web script or HTML via the file name of an uploaded file.
|
CWE-79
Cross-site Scripting
|
CVE-2014-4853
|
2024-11-21 11:10 |
2014-07-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279700
|
- |
|
thedigitalcraft
|
atomcms
|
SQL injection vulnerability in admin/uploads.php in The Digital Craft AtomCMS, possibly 2.0, allows remote attackers to execute arbitrary SQL commands via the id parameter.
|
CWE-89
SQL Injection
|
CVE-2014-4852
|
2024-11-21 11:10 |
2014-07-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
