|
281641
|
- |
|
python-gnupg_project
|
python-gnupg
|
The shell_quote function in python-gnupg 0.3.5 does not properly escape characters, which allows context-dependent attackers to execute arbitrary code via shell metacharacters in unspecified vectors,…
|
CWE-20
Improper Input Validation
|
CVE-2014-1928
|
2024-11-21 11:05 |
2014-10-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281642
|
- |
|
python-gnupg_project
|
python-gnupg
|
The shell_quote function in python-gnupg 0.3.5 does not properly quote strings, which allows context-dependent attackers to execute arbitrary code via shell metacharacters in unspecified vectors, as …
|
CWE-20
Improper Input Validation
|
CVE-2014-1927
|
2024-11-21 11:05 |
2014-10-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281643
|
- |
|
vbulletin
|
vbulletin
|
Cross-site scripting (XSS) vulnerability in admincp/apilog.php in vBulletin 4.2.2 and earlier, and 5.0.x through 5.0.5 allows remote authenticated users to inject arbitrary web script or HTML via a c…
|
CWE-79
Cross-site Scripting
|
CVE-2014-2021
|
2024-11-21 11:05 |
2014-10-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281644
|
- |
|
openx
|
openx
|
Open redirect vulnerability in the header function in adclick.php in OpenX 2.8.10 and earlier allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL i…
|
NVD-CWE-Other
|
CVE-2014-2230
|
2024-11-21 11:05 |
2014-10-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281645
|
- |
|
iii
|
vtls-virtua
|
Multiple SQL injection vulnerabilities in the login in web_reports/cgi-bin/InfoStation.cgi in Innovative vtls-Virtua before 2013.2.4 and 2014.x before 2014.1.1 allow remote attackers to execute arbit…
|
CWE-89
SQL Injection
|
CVE-2014-2081
|
2024-11-21 11:05 |
2014-10-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281646
|
- |
|
seeddms
|
seeddms
|
Multiple directory traversal vulnerabilities in SeedDMS (formerly LetoDMS and MyDMS) before 4.3.4 allow (1) remote authenticated users with access to the LogManagement functionality to read arbitrary…
|
CWE-22
Path Traversal
|
CVE-2014-2279
|
2024-11-21 11:05 |
2014-10-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281647
|
- |
|
seeddms
|
seeddms
|
Unrestricted file upload vulnerability in op/op.AddFile2.php in SeedDMS (formerly LetoDMS and MyDMS) before 4.3.4 allows remote attackers to execute arbitrary code by uploading a file with an executa…
|
CWE-20
Improper Input Validation
|
CVE-2014-2278
|
2024-11-21 11:05 |
2014-10-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281648
|
- |
|
jenkins
|
jenkins
|
The doIndex function in hudson/util/RemotingDiagnostics.java in CloudBees Jenkins before 1.551 and LTS before 1.532.2 allows remote authenticated users with the ADMINISTER permission to obtain sensit…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-2068
|
2024-11-21 11:05 |
2014-10-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281649
|
- |
|
jenkins
|
jenkins
|
Session fixation vulnerability in Jenkins before 1.551 and LTS before 1.532.2 allows remote attackers to hijack web sessions via vectors involving the "override" of Jenkins cookies.
|
CWE-287
Improper Authentication
|
CVE-2014-2066
|
2024-11-21 11:05 |
2014-10-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281650
|
- |
|
jenkins
|
jenkins
|
Cross-site scripting (XSS) vulnerability in Jenkins before 1.551 and LTS before 1.532.2 allows remote attackers to inject arbitrary web script or HTML via the iconSize cookie.
|
CWE-79
Cross-site Scripting
|
CVE-2014-2065
|
2024-11-21 11:05 |
2014-10-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
