|
280101
|
- |
|
aas9
|
zerocms
|
SQL injection vulnerability in zero_transact_article.php in ZeroCMS 1.0 allows remote attackers to execute arbitrary SQL commands via the article_id parameter in a Submit Comment action.
|
CWE-89
SQL Injection
|
CVE-2014-4194
|
2024-11-21 11:09 |
2014-07-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280102
|
- |
|
xen
|
xen
|
The alloc_domain_struct function in arch/arm/domain.c in Xen 4.4.x, when running on an ARM platform, does not properly initialize the structure containing the grant table pages for a domain, which al…
|
CWE-200
Information Exposure
|
CVE-2014-4022
|
2024-11-21 11:09 |
2014-07-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280103
|
- |
|
rimarts
|
becky\!_internet_mail
|
Buffer overflow in RimArts Becky! Internet Mail before 2.68 allows remote POP3 servers to execute arbitrary code via a crafted response.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-3891
|
2024-11-21 11:09 |
2014-07-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280104
|
- |
|
kryo
|
iodine
|
(1) iodined.c and (2) user.c in iodine before 0.7.0 allows remote attackers to bypass authentication by continuing execution after an error has been triggering.
|
CWE-287
Improper Authentication
|
CVE-2014-4168
|
2024-11-21 11:09 |
2014-07-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280105
|
- |
|
aas9
|
zerocms
|
Cross-site scripting (XSS) vulnerability in zero_view_article.php in ZeroCMS 1.0 allows remote attackers to inject arbitrary web script or HTML via the article_id parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2014-4195
|
2024-11-21 11:09 |
2014-07-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280106
|
- |
|
opensuse
cacti
|
opensuse
cacti
|
Multiple cross-site scripting (XSS) vulnerabilities in Cacti 0.8.8b allow remote attackers to inject arbitrary web script or HTML via the (1) drp_action parameter to cdef.php, (2) data_input.php, (3)…
|
CWE-79
Cross-site Scripting
|
CVE-2014-4002
|
2024-11-21 11:09 |
2014-07-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280107
|
- |
|
kanboard
|
kanboard
|
Cross-site request forgery (CSRF) vulnerability in Kanboard before 1.0.6 allows remote attackers to hijack the authentication of administrators for requests that add an administrative user via a save…
|
CWE-352
Origin Validation Error
|
CVE-2014-3920
|
2024-11-21 11:09 |
2014-07-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280108
|
- |
|
kerio
|
control
|
Multiple SQL injection vulnerabilities in Kerio Control Statistics in Kerio Control (formerly WinRoute Firewall) before 8.3.2 allow remote authenticated users to execute arbitrary SQL commands via th…
|
CWE-89
SQL Injection
|
CVE-2014-3857
|
2024-11-21 11:09 |
2014-07-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280109
|
- |
|
silex
|
sx-2000wg_firmware
|
silex SX-2000WG devices with firmware before 1.5.4 allow remote attackers to cause a denial of service (connectivity outage) via a crafted IP packet, a different vulnerability than CVE-2014-3889.
|
CWE-20
Improper Input Validation
|
CVE-2014-3890
|
2024-11-21 11:09 |
2014-07-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280110
|
- |
|
silex
|
sx-2000wg_firmware
|
silex SX-2000WG devices with firmware before 1.5.4 allow remote attackers to cause a denial of service (connectivity outage) via crafted data in the Options field of a TCP header, a different vulnera…
|
CWE-20
Improper Input Validation
|
CVE-2014-3889
|
2024-11-21 11:09 |
2014-07-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
