|
281381
|
- |
|
modx
|
modx_revolution
|
Multiple SQL injection vulnerabilities in MODX Revolution before 2.2.14 allow remote attackers to execute arbitrary SQL commands via the (1) session ID (PHPSESSID) to index.php or remote authenticate…
|
CWE-89
SQL Injection
|
CVE-2014-2736
|
2024-11-21 11:06 |
2014-04-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281382
|
- |
|
open-xchange
|
open-xchange_appsuite
|
Cross-site scripting (XSS) vulnerability in Open-Xchange AppSuite 7.4.1 before 7.4.1-rev11 and 7.4.2 before 7.4.2-rev13 allows remote attackers to inject arbitrary web script or HTML via a Drive file…
|
CWE-79
Cross-site Scripting
|
CVE-2014-2393
|
2024-11-21 11:06 |
2014-04-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281383
|
- |
|
open-xchange
|
open-xchange_appsuite
|
The E-Mail autoconfiguration feature in Open-Xchange AppSuite before 7.2.2-rev20, 7.4.1 before 7.4.1-rev11, and 7.4.2 before 7.4.2-rev13 places a password in a GET request, which allows remote attack…
|
CWE-200
Information Exposure
|
CVE-2014-2392
|
2024-11-21 11:06 |
2014-04-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281384
|
- |
|
open-xchange
|
open-xchange_appsuite
|
The password recovery service in Open-Xchange AppSuite before 7.2.2-rev20, 7.4.1 before 7.4.1-rev11, and 7.4.2 before 7.4.2-rev13 makes an improper decision about the sensitivity of a string represen…
|
CWE-200
Information Exposure
|
CVE-2014-2391
|
2024-11-21 11:06 |
2014-04-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281385
|
- |
|
cacti
debian
|
cacti
debian_linux
|
lib/rrd.php in Cacti 0.8.7g, 0.8.8b, and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in unspecified parameters.
|
NVD-CWE-Other
|
CVE-2014-2709
|
2024-11-21 11:06 |
2014-04-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281386
|
- |
|
opensuse
otrs
|
opensuse
otrs
|
OTRS 3.1.x before 3.1.21, 3.2.x before 3.2.16, and 3.3.x before 3.3.6 allows remote attackers to conduct clickjacking attacks via an IFRAME element.
|
CWE-20
Improper Input Validation
|
CVE-2014-2554
|
2024-11-21 11:06 |
2014-04-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281387
|
- |
|
cacti
fedoraproject
opensuse
debian
|
cacti
fedora
opensuse
debian_linux
|
lib/graph_export.php in Cacti 0.8.7g, 0.8.8b, and earlier allows remote authenticated users to execute arbitrary commands via shell metacharacters in unspecified vectors.
|
NVD-CWE-noinfo
|
CVE-2014-2328
|
2024-11-21 11:06 |
2014-04-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281388
|
- |
|
cacti
debian
opensuse
|
cacti
debian_linux
opensuse
|
Cross-site request forgery (CSRF) vulnerability in Cacti 0.8.7g, 0.8.8b, and earlier allows remote attackers to hijack the authentication of users for unspecified commands, as demonstrated by request…
|
CWE-352
Origin Validation Error
|
CVE-2014-2327
|
2024-11-21 11:06 |
2014-04-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281389
|
- |
|
knowledgetree
|
knowledgetree
|
SQL injection vulnerability in the get_active_session function in the KTAPI_UserSession class in webservice/clienttools/services/mdownload.php in KnowledgeTree 3.7.0.2 and earlier allows remote attac…
|
CWE-89
SQL Injection
|
CVE-2014-2737
|
2024-11-21 11:06 |
2014-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281390
|
- |
|
papercut
|
papercut_ng
papercut_mf
|
Cross-site request forgery (CSRF) vulnerability in the admin UI in Papercut MF and NG before 14.1 (Build 26983) allows remote attackers to hijack the authentication of administrators via unspecified …
|
CWE-352
Origin Validation Error
|
CVE-2014-2659
|
2024-11-21 11:06 |
2014-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
