|
280611
|
- |
|
barracudadrive
realtimelogic
|
barracudadrive
|
Multiple cross-site scripting (XSS) vulnerabilities in BarracudaDrive before 6.7.2 allow remote attackers to inject arbitrary web script or HTML via the (1) role parameter to roles.lsp, (2) name para…
|
CWE-79
Cross-site Scripting
|
CVE-2014-3808
|
2024-11-21 11:08 |
2014-05-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280612
|
- |
|
barracudadrive
|
barracudadrive
|
Multiple cross-site scripting (XSS) vulnerabilities in BarracudaDrive 6.7.2 allow remote attackers to inject arbitrary web script or HTML via the (1) blog, (2) bloggeruser, or (3) bloggerpasswd param…
|
CWE-79
Cross-site Scripting
|
CVE-2014-3807
|
2024-11-21 11:08 |
2014-05-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280613
|
- |
|
vmturbo
|
operations_manager
|
Directory traversal vulnerability in cgi-bin/help/doIt.cgi in VMTurbo Operations Manager before 4.6 allows remote attackers to read arbitrary files via a .. (dot dot) in the xml_path parameter.
|
CWE-22
Path Traversal
|
CVE-2014-3806
|
2024-11-21 11:08 |
2014-05-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280614
|
- |
|
google
|
chrome
|
The SpeechInput feature in Blink, as used in Google Chrome before 35.0.1916.114, allows remote attackers to enable microphone access and obtain speech-recognition text without indication via an INPUT…
|
CWE-200
Information Exposure
|
CVE-2014-3803
|
2024-11-21 11:08 |
2014-05-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280615
|
- |
|
microsoft
|
debug_interface_access_software_development_kit
visual_studio
|
msdia.dll in Microsoft Debug Interface Access (DIA) SDK, as distributed in Microsoft Visual Studio before 2013, does not properly validate an unspecified variable before use in calculating a dynamic-…
|
CWE-20
Improper Input Validation
|
CVE-2014-3802
|
2024-11-21 11:08 |
2014-05-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280616
|
- |
|
beetel
|
450tc2_router_firmware
450tc2_router
|
Cross-site request forgery (CSRF) vulnerability in Beetel 450TC2 Router with firmware TX6-0Q-005_retail allows remote attackers to hijack the authentication of administrators for requests that change…
|
CWE-352
Origin Validation Error
|
CVE-2014-3792
|
2024-11-21 11:08 |
2014-05-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280617
|
- |
|
efssoft
|
easy_file_sharing_web_server
|
Stack-based buffer overflow in Easy File Sharing (EFS) Web Server 6.8 allows remote attackers to execute arbitrary code via a long string in a cookie UserID parameter to vfolder.ghp.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-3791
|
2024-11-21 11:08 |
2014-05-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280618
|
- |
|
call-cc
|
chicken
|
Buffer overflow in the "read-u8vector!" procedure in the srfi-4 unit in CHICKEN stable 4.8.0.7 and development snapshots before 4.9.1 allows remote attackers to cause a denial of service (memory corr…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-3776
|
2024-11-21 11:08 |
2014-05-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280619
|
- |
|
construtiva
|
cis_manager_cms
|
SQL injection vulnerability in Construtiva CIS Manager allows remote attackers to execute arbitrary SQL commands via the email parameter to autenticar/lembrarlogin.asp.
|
CWE-89
SQL Injection
|
CVE-2014-3749
|
2024-11-21 11:08 |
2014-05-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280620
|
- |
|
zenoss
|
zenoss
|
Open redirect vulnerability in zport/acl_users/cookieAuthHelper/login_form in Zenoss 4.2.5 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in t…
|
CWE-20
Improper Input Validation
|
CVE-2014-3739
|
2024-11-21 11:08 |
2014-05-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
