|
281581
|
6.1 |
MEDIUM
Network
|
posh_project
|
posh
|
Multiple cross-site scripting (XSS) vulnerabilities in POSH (aka Posh portal or Portaneo) 3.0 through 3.2.1 allow remote attackers to inject arbitrary web script or HTML via the (1) error parameter t…
|
CWE-79
Cross-site Scripting
|
CVE-2014-2214
|
2024-11-21 11:05 |
2019-11-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281582
|
6.1 |
MEDIUM
Network
|
posh_project
|
posh
|
Open redirect vulnerability in the password reset functionality in POSH 3.0 through 3.2.1 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in th…
|
CWE-601
Open Redirect
|
CVE-2014-2213
|
2024-11-21 11:05 |
2019-11-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281583
|
5.5 |
MEDIUM
Local
|
rply_project
|
rply
|
python-rply before 0.7.4 insecurely creates temporary files.
|
CWE-59
Link Following
|
CVE-2014-1938
|
2024-11-21 11:05 |
2019-11-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281584
|
7.5 |
HIGH
Network
|
gamera_project
|
gamera
|
Gamera before 3.4.1 insecurely creates temporary files.
|
CWE-20
Improper Input Validation
|
CVE-2014-1937
|
2024-11-21 11:05 |
2019-11-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281585
|
7.5 |
HIGH
Network
|
rc_project
debian
|
rc
debian_linux
|
rc before 1.7.1-5 insecurely creates temporary files.
|
CWE-20
Improper Input Validation
|
CVE-2014-1936
|
2024-11-21 11:05 |
2019-11-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281586
|
5.3 |
MEDIUM
Network
|
9base_project
debian
|
9base
debian_linux
|
9base 1:6-6 and 1:6-7 insecurely creates temporary files which results in predictable filenames.
|
CWE-20
Improper Input Validation
|
CVE-2014-1935
|
2024-11-21 11:05 |
2019-11-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281587
|
5.5 |
MEDIUM
Local
|
x_file_explorer_project
debian
|
x_file_explorer
debian_linux
|
X File Explorer (aka xfe) might allow local users to bypass intended access restrictions and gain access to arbitrary files by leveraging failure to use directory masks when creating files on Samba a…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-2079
|
2024-11-21 11:05 |
2018-07-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281588
|
7.8 |
HIGH
Local
|
enlightenment
|
enlightenment
|
Enlightenment before 0.17.6 might allow local users to gain privileges via vectors involving the gdb method.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-1846
|
2024-11-21 11:05 |
2018-04-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281589
|
7.8 |
HIGH
Local
|
enlightenment
|
enlightenment
|
An unspecified setuid root helper in Enlightenment before 0.17.6 allows local users to gain privileges by leveraging failure to properly sanitize the environment.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-1845
|
2024-11-21 11:05 |
2018-04-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281590
|
7.5 |
HIGH
Network
|
eshtery.she7ata
|
eshtery_cms
|
Absolute path traversal vulnerability in Eshtery CMS allows remote attackers to read arbitrary files via a full pathname in the file parameter to FileManager.aspx.
|
CWE-22
Path Traversal
|
CVE-2014-2069
|
2024-11-21 11:05 |
2018-04-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
