|
279981
|
- |
|
mailpoet
|
mailpoet_newsletters
|
Cross-site request forgery (CSRF) vulnerability in the MailPoet Newsletters (wysija-newsletters) plugin before 2.6.11 for WordPress allows remote attackers to hijack the authentication of arbitrary u…
|
CWE-352
Origin Validation Error
|
CVE-2014-3907
|
2024-11-21 11:09 |
2014-08-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279982
|
- |
|
little_kernel_project
|
little_kernel_bootloader
|
The cmd_boot function in app/aboot/aboot.c in the Little Kernel (LK) bootloader, as distributed with Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allows…
|
CWE-287
Improper Authentication
|
CVE-2014-4325
|
2024-11-21 11:09 |
2014-08-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279983
|
- |
|
bssys
|
rbs_bs-client
|
Multiple SQL injection vulnerabilities in Bank Soft Systems (BSS) RBS BS-Client 3.17.9 allow remote attackers to execute arbitrary SQL commands via the (1) CARDS or (2) XACTION parameter.
|
CWE-89
SQL Injection
|
CVE-2014-4197
|
2024-11-21 11:09 |
2014-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279984
|
- |
|
freebsd
netbsd
|
freebsd
netbsd
|
The HZ module in the iconv implementation in FreeBSD 10.0 before p6 and NetBSD allows context-dependent attackers to cause a denial of service (NULL pointer dereference) via a crafted argument to the…
|
NVD-CWE-Other
|
CVE-2014-3951
|
2024-11-21 11:09 |
2014-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279985
|
- |
|
kk-osk
|
advance-flow
advance-flow_forms
|
SQL injection vulnerability in OSK Advance-Flow 4.41 and earlier and Advance-Flow Forms 4.41 and earlier allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
|
CWE-89
SQL Injection
|
CVE-2014-3906
|
2024-11-21 11:09 |
2014-08-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279986
|
- |
|
jayj
|
cakifo
|
Cross-site scripting (XSS) vulnerability in the Cakifo theme 1.x before 1.6.2 for WordPress allows remote authenticated users to inject arbitrary web script or HTML via crafted Exif data.
|
CWE-79
Cross-site Scripting
|
CVE-2014-3903
|
2024-11-21 11:09 |
2014-08-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279987
|
- |
|
tenfourzero
|
shutter
|
Cross-site scripting (XSS) vulnerability in tenfourzero Shutter 0.1.4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2014-3905
|
2024-11-21 11:09 |
2014-08-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279988
|
- |
|
tenfourzero
|
shutter
|
SQL injection vulnerability in lib/admin.php in tenfourzero Shutter 0.1.4 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
|
CWE-89
SQL Injection
|
CVE-2014-3904
|
2024-11-21 11:09 |
2014-08-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279989
|
- |
|
piwigo
|
piwigo
|
Cross-site scripting (XSS) vulnerability in admin/picture_modify.php in the photo-edit subsystem in Piwigo 2.6.3 and earlier allows remote attackers to inject arbitrary web script or HTML via the ass…
|
CWE-79
Cross-site Scripting
|
CVE-2014-3900
|
2024-11-21 11:09 |
2014-08-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279990
|
- |
|
cyberagent
|
ameba
|
The CyberAgent Ameba application 3.x and 4.x before 4.5.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensiti…
|
CWE-310
Cryptographic Issues
|
CVE-2014-3902
|
2024-11-21 11:09 |
2014-08-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
