|
279791
|
- |
|
dssearchagent_project
|
dssearchagent
|
Cross-site scripting (XSS) vulnerability in client-assist.php in the dsSearchAgent: WordPress Edition plugin 1.0-beta10 and earlier for WordPress allows remote attackers to inject arbitrary web scrip…
|
CWE-79
Cross-site Scripting
|
CVE-2014-4522
|
2024-11-21 11:10 |
2014-07-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279792
|
- |
|
pfsense
netgate
|
suricata_package
pfsense
|
Multiple open redirect vulnerabilities in the Suricata package before 1.0.6 for pfSense through 2.1.4 allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via …
|
NVD-CWE-Other
|
CVE-2014-4696
|
2024-11-21 11:10 |
2014-07-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279793
|
- |
|
pfsense
netgate
|
snort_package
pfsense
|
Multiple open redirect vulnerabilities in the Snort package before 3.0.13 for pfSense through 2.1.4 allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via (1…
|
NVD-CWE-Other
|
CVE-2014-4695
|
2024-11-21 11:10 |
2014-07-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279794
|
- |
|
pfsense
netgate
|
suricata_package
pfsense
|
Multiple cross-site scripting (XSS) vulnerabilities in suricata_select_alias.php in the Suricata package before 1.0.6 for pfSense through 2.1.4 allow remote attackers to inject arbitrary web script o…
|
CWE-79
Cross-site Scripting
|
CVE-2014-4694
|
2024-11-21 11:10 |
2014-07-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279795
|
- |
|
pfsense
netgate
|
snort_package
pfsense
|
Multiple cross-site scripting (XSS) vulnerabilities in the Snort package before 3.0.13 for pfSense through 2.1.4 allow remote attackers to inject arbitrary web script or HTML via (1) the eng paramete…
|
CWE-79
Cross-site Scripting
|
CVE-2014-4693
|
2024-11-21 11:10 |
2014-07-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279796
|
- |
|
netgate
|
pfsense
|
pfSense before 2.1.4, when HTTP is used, does not include the HTTPOnly flag in a Set-Cookie header for the session cookie, which makes it easier for remote attackers to obtain potentially sensitive i…
|
CWE-200
Information Exposure
|
CVE-2014-4692
|
2024-11-21 11:10 |
2014-07-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279797
|
- |
|
netgate
|
pfsense
|
Session fixation vulnerability in pfSense before 2.1.4 allows remote attackers to hijack web sessions via a firewall login cookie.
|
NVD-CWE-Other
|
CVE-2014-4691
|
2024-11-21 11:10 |
2014-07-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279798
|
- |
|
netgate
|
pfsense
|
Multiple directory traversal vulnerabilities in pfSense before 2.1.4 allow (1) remote attackers to read arbitrary .info files via a crafted path in the pkg parameter to pkg_mgr_install.php and allow …
|
CWE-22
Path Traversal
|
CVE-2014-4690
|
2024-11-21 11:10 |
2014-07-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279799
|
- |
|
netgate
|
pfsense
|
Absolute path traversal vulnerability in pkg_edit.php in pfSense before 2.1.4 allows remote attackers to read arbitrary XML files via a full pathname in the xml parameter.
|
CWE-22
Path Traversal
|
CVE-2014-4689
|
2024-11-21 11:10 |
2014-07-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279800
|
- |
|
netgate
|
pfsense
|
pfSense before 2.1.4 allows remote authenticated users to execute arbitrary commands via (1) the hostname value to diag_dns.php in a Create Alias action, (2) the smartmonemail value to diag_smart.php…
|
NVD-CWE-Other
|
CVE-2014-4688
|
2024-11-21 11:10 |
2014-07-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
