|
281911
|
- |
|
mantisbt
|
mantisbt
|
SQL injection vulnerability in the manage configuration page (adm_config_report.php) in MantisBT 1.2.13 through 1.2.16 allows remote authenticated administrators to execute arbitrary SQL commands via…
|
CWE-89
SQL Injection
|
CVE-2014-2238
|
2024-11-21 11:05 |
2014-03-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281912
|
- |
|
askbot
|
askbot
|
Cross-site scripting (XSS) vulnerability in Askbot before 0.7.49 allows remote attackers to inject arbitrary web script or HTML via vectors related to the question search form.
|
CWE-79
Cross-site Scripting
|
CVE-2014-2235
|
2024-11-21 11:05 |
2014-03-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281913
|
- |
|
askbot
|
askbot
|
Multiple cross-site scripting (XSS) vulnerabilities in Askbot before 0.7.49 allow remote attackers to inject arbitrary web script or HTML via vectors related to the (1) tag or (2) user search forms.
|
CWE-79
Cross-site Scripting
|
CVE-2014-2236
|
2024-11-21 11:05 |
2014-03-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281914
|
- |
|
getgosoft
|
getgo_download_manager
|
Stack-based buffer overflow in GetGo Download Manager 4.9.0.1982, 4.8.2.1346, 4.4.5.502, and earlier allows remote attackers to cause a denial of service (crash) and execute arbitrary code via a long…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-2206
|
2024-11-21 11:05 |
2014-03-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281915
|
- |
|
apple
|
mac_os_x
|
A certain Apple patch for OpenSSL in Apple OS X 10.9.2 and earlier uses a Trust Evaluation Agent (TEA) feature without terminating certain TLS/SSL handshakes as specified in the SSL_CTX_set_verify ca…
|
CWE-20
Improper Input Validation
|
CVE-2014-2234
|
2024-11-21 11:05 |
2014-03-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281916
|
- |
|
jordy_meow
|
media_file_renamer
|
Multiple cross-site scripting (XSS) vulnerabilities in the (1) callback_multicheck, (2) callback_radio, and (3) callback_wysiwygin functions in mfrh_class.settings-api.php in the Media File Renamer p…
|
CWE-79
Cross-site Scripting
|
CVE-2014-2040
|
2024-11-21 11:05 |
2014-03-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281917
|
- |
|
posh_project
|
posh
|
SQL injection vulnerability in portal/addtoapplication.php in POSH (aka Posh portal or Portaneo) 3.0 before 3.3.0 allows remote attackers to execute arbitrary SQL commands via the rssurl parameter.
|
CWE-89
SQL Injection
|
CVE-2014-2211
|
2024-11-21 11:05 |
2014-03-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281918
|
- |
|
artifex
|
mupdf
|
Stack-based buffer overflow in the xps_parse_color function in xps/xps-common.c in MuPDF 1.3 and earlier allows remote attackers to execute arbitrary code via a large number of entries in the Context…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-2013
|
2024-11-21 11:05 |
2014-03-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281919
|
- |
|
mybb
|
mybb
|
Cross-site scripting (XSS) vulnerability in Upload/search.php in MyBB 1.6.12 and earlier allows remote attackers to inject arbitrary web script or HTML via the keywords parameter in a do_search actio…
|
CWE-79
Cross-site Scripting
|
CVE-2014-1840
|
2024-11-21 11:05 |
2014-03-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281920
|
- |
|
google
lenovo
|
android
shareit
|
java/android/webkit/BrowserFrame.java in Android before 4.4 uses the addJavascriptInterface API in conjunction with creating an object of the SearchBoxImpl class, which allows attackers to execute ar…
|
CWE-94
Code Injection
|
CVE-2014-1939
|
2024-11-21 11:05 |
2014-03-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
