|
283531
|
- |
|
moodle
|
moodle
|
The identity-reporting implementations in mod/forum/renderer.php and mod/quiz/override_form.php in Moodle through 2.3.11, 2.4.x before 2.4.9, 2.5.x before 2.5.5, and 2.6.x before 2.6.2 do not properl…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-0124
|
2024-11-21 11:01 |
2014-03-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
283532
|
- |
|
moodle
|
moodle
|
mod/chat/chat_ajax.php in Moodle through 2.3.11, 2.4.x before 2.4.9, 2.5.x before 2.5.5, and 2.6.x before 2.6.2 does not properly check for the mod/chat:chat capability during chat sessions, which al…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-0122
|
2024-11-21 11:01 |
2014-03-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
283533
|
- |
|
moodle
|
moodle
|
The wiki subsystem in Moodle through 2.3.11, 2.4.x before 2.4.9, 2.5.x before 2.5.5, and 2.6.x before 2.6.2 does not properly restrict (1) view and (2) edit access, which allows remote authenticated …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-0123
|
2024-11-21 11:01 |
2014-03-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
283534
|
- |
|
apache
|
camel
|
The XSLT component in Apache Camel 2.11.x before 2.11.4, 2.12.x before 2.12.3, and possibly earlier versions allows remote attackers to execute arbitrary Java methods via a crafted message.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-0003
|
2024-11-21 11:01 |
2014-03-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
283535
|
- |
|
apache
|
camel
|
The XSLT component in Apache Camel before 2.11.4 and 2.12.x before 2.12.3 allows remote attackers to read arbitrary files and possibly have other unspecified impact via an XML document containing an …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-0002
|
2024-11-21 11:01 |
2014-03-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
283536
|
- |
|
fedoraproject
|
389_directory_server
|
The SASL authentication functionality in 389 Directory Server before 1.2.11.26 allows remote authenticated users to connect as an arbitrary user and gain privileges via the authzid parameter in a SAS…
|
CWE-287
Improper Authentication
|
CVE-2014-0132
|
2024-11-21 11:01 |
2014-03-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
283537
|
- |
|
redhat
|
cloudforms
cloudforms_3.0_management_engine
|
The x_button method in the ServiceController (vmdb/app/controllers/service_controller.rb) in Red Hat CloudForms 3.0 Management Engine 5.2 allows remote attackers to execute arbitrary methods via unsp…
|
CWE-94
Code Injection
|
CVE-2014-0057
|
2024-11-21 11:01 |
2014-03-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
283538
|
- |
|
apache
oracle
canonical
|
http_server
secure_global_desktop
ubuntu_linux
|
The log_cookie function in mod_log_config.c in the mod_log_config module in the Apache HTTP Server before 2.4.8 allows remote attackers to cause a denial of service (segmentation fault and daemon cra…
|
NVD-CWE-noinfo
|
CVE-2014-0098
|
2024-11-21 11:01 |
2014-03-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
283539
|
- |
|
webmin
|
webmin
|
Cross-site scripting (XSS) vulnerability in view.cgi in Webmin before 1.680 allows remote attackers to inject arbitrary web script or HTML via the search parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2014-0339
|
2024-11-21 11:01 |
2014-03-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
283540
|
- |
|
watchguard
|
fireware
|
Multiple cross-site scripting (XSS) vulnerabilities in the firewall policy management pages in WatchGuard Fireware XTM before 11.8.3 allow remote attackers to inject arbitrary web script or HTML via …
|
CWE-79
Cross-site Scripting
|
CVE-2014-0338
|
2024-11-21 11:01 |
2014-03-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
