|
279711
|
- |
|
kajona
|
kajona
|
Multiple cross-site scripting (XSS) vulnerabilities in (1) search_ajax.tpl and (2) search_ajax_small.tpl in templates/default/tpl/module_search/ in the Search module (module_search) in Kajona before …
|
CWE-79
Cross-site Scripting
|
CVE-2014-4743
|
2024-11-21 11:10 |
2014-07-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279712
|
- |
|
kajona
|
kajona
|
Cross-site scripting (XSS) vulnerability in system/class_link.php in the System module (module_system) in Kajona before 4.5 allows remote attackers to inject arbitrary web script or HTML via the syst…
|
CWE-79
Cross-site Scripting
|
CVE-2014-4742
|
2024-11-21 11:10 |
2014-07-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279713
|
- |
|
artifectx
|
xclassified
|
SQL injection vulnerability in demo/ads.php in Artifectx xClassified 1.2 allows remote attackers to execute arbitrary SQL commands via the catid parameter.
|
CWE-89
SQL Injection
|
CVE-2014-4741
|
2024-11-21 11:10 |
2014-07-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279714
|
- |
|
linux
debian
canonical
|
linux_kernel
debian_linux
ubuntu_linux
|
The Linux kernel before 3.15.4 on Intel processors does not properly restrict use of a non-canonical value for the saved RIP address in the case of a system call that does not use IRET, which allows …
|
CWE-362
Race Condition
|
CVE-2014-4699
|
2024-11-21 11:10 |
2014-07-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279715
|
- |
|
adobe
|
flash_player
adobe_air
adobe_air_sdk
|
Adobe Flash Player before 13.0.0.231 and 14.x before 14.0.0.145 on Windows and OS X and before 11.2.202.394 on Linux, Adobe AIR before 14.0.0.137 on Android, Adobe AIR SDK before 14.0.0.137, and Adob…
|
CWE-352
Origin Validation Error
|
CVE-2014-4671
|
2024-11-21 11:10 |
2014-07-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279716
|
- |
|
custom_banners_project
|
custom_banners
|
Cross-site scripting (XSS) vulnerability in the Custom Banners plugin 1.2.2.2 for WordPress allows remote attackers to inject arbitrary web script or HTML via the custom_banners_registered_name param…
|
CWE-79
Cross-site Scripting
|
CVE-2014-4724
|
2024-11-21 11:10 |
2014-07-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279717
|
- |
|
easy_banners_plugin_project
|
easy_banners
|
Cross-site scripting (XSS) vulnerability in the Easy Banners plugin 1.4 for WordPress allows remote attackers to inject arbitrary web script or HTML via the name parameter to wp-admin/options-general…
|
CWE-79
Cross-site Scripting
|
CVE-2014-4723
|
2024-11-21 11:10 |
2014-07-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279718
|
- |
|
ocsinventory-ng
|
ocsinventory_ng
|
Multiple cross-site scripting (XSS) vulnerabilities in the OCS Reports Web Interface in OCS Inventory NG allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2014-4722
|
2024-11-21 11:10 |
2014-07-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279719
|
- |
|
foxitsoftware
|
foxit_pdf_sdk_dll
|
Buffer overflow in the FPDFBookmark_GetTitle method in Foxit PDF SDK DLL before 3.1.1.5005 allows context-dependent attackers to execute arbitrary code via unspecified vectors.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-4646
|
2024-11-21 11:10 |
2014-07-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279720
|
- |
|
php
debian
|
php
debian_linux
|
The phpinfo implementation in ext/standard/info.c in PHP before 5.4.30 and 5.5.x before 5.5.14 does not ensure use of the string data type for the PHP_AUTH_PW, PHP_AUTH_TYPE, PHP_AUTH_USER, and PHP_S…
|
CWE-200
Information Exposure
|
CVE-2014-4721
|
2024-11-21 11:10 |
2014-07-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
