|
281141
|
6.1 |
MEDIUM
Network
|
oliver_project
|
oliver
|
Multiple cross-site scripting (XSS) vulnerabilities in Oliver (formerly Webshare) 1.3.1 and earlier allow remote attackers to inject arbitrary web script or HTML via the PATH_INFO to the (1) login pa…
|
CWE-79
Cross-site Scripting
|
CVE-2014-2710
|
2024-11-21 11:06 |
2017-04-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281142
|
- |
|
php_font_lib_project
|
php_font_lib
|
Cross-site scripting (XSS) vulnerability in www/make_subset.php in PHP Font Lib before 0.3.1 allows remote attackers to inject arbitrary web script or HTML via the name parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2014-2570
|
2024-11-21 11:06 |
2015-09-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281143
|
- |
|
check_mk_project
|
check_mk
|
Check_MK before 1.2.2p3 and 1.2.3x before 1.2.3i5 allows remote authenticated users to delete arbitrary files via a request to an unspecified link, related to "Insecure Direct Object References." NOT…
|
CWE-20
Improper Input Validation
|
CVE-2014-2332
|
2024-11-21 11:06 |
2015-09-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281144
|
- |
|
check_mk_project
|
check_mk
|
Check_MK 1.2.2p2, 1.2.2p3, and 1.2.3i5 allows remote authenticated users to execute arbitrary Python code via a crafted rules.mk file in a snapshot. NOTE: this can be exploited by remote attackers b…
|
CWE-94
Code Injection
|
CVE-2014-2331
|
2024-11-21 11:06 |
2015-09-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281145
|
- |
|
check_mk_project
|
check_mk
|
Multiple cross-site request forgery (CSRF) vulnerabilities in the Multisite GUI in Check_MK before 1.2.5i2 allow remote attackers to hijack the authentication of users for requests that (1) upload ar…
|
CWE-352
Origin Validation Error
|
CVE-2014-2330
|
2024-11-21 11:06 |
2015-09-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281146
|
- |
|
check_mk_project
|
check_mk
|
Multiple cross-site scripting (XSS) vulnerabilities in Check_MK before 1.2.2p3 and 1.2.3x before 1.2.3i5 allow remote authenticated users to inject arbitrary web script or HTML via the (1) agent stri…
|
CWE-79
Cross-site Scripting
|
CVE-2014-2329
|
2024-11-21 11:06 |
2015-09-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281147
|
- |
|
ge
|
intelligent_platforms_proficy_hmi\/scada_cimplicity
|
The (1) CimView and (2) CimEdit components in GE Proficy HMI/SCADA-CIMPLICITY 8.2 and earlier allow remote attackers to gain privileges via a crafted CIMPLICITY screen (aka .CIM) file.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-2355
|
2024-11-21 11:06 |
2015-01-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281148
|
- |
|
quick_page\/post_redirect_project
|
quick_page\/post_redirect
|
Cross-site request forgery (CSRF) vulnerability in the Quick Page/Post Redirect plugin before 5.0.5 for WordPress allows remote attackers to hijack the authentication of administrators for requests t…
|
CWE-352
Origin Validation Error
|
CVE-2014-2598
|
2024-11-21 11:06 |
2015-01-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281149
|
- |
|
ekahau
|
real-time_location_system_controller
activator
b4_staff_badge_tag_firmware
|
Ekahau B4 staff badge tag 5.7 with firmware 1.4.52, Real-Time Location System (RTLS) Controller 6.0.5-FINAL, and Activator 3 reuses the RC4 cipher stream, which makes it easier for remote attackers t…
|
CWE-310
Cryptographic Issues
|
CVE-2014-2716
|
2024-11-21 11:06 |
2014-12-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281150
|
- |
|
emc
|
rsa_authentication_manager
|
Open redirect vulnerability in EMC RSA Authentication Manager 8.x before 8.1 Patch 6 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vect…
|
NVD-CWE-Other
|
CVE-2014-2516
|
2024-11-21 11:06 |
2014-12-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
