|
281661
|
- |
|
alienvault
|
open_source_security_information_management
|
The (1) av-centerd SOAP service and (2) backup command in the ossim-framework service in AlienVault OSSIM before 4.6.0 allows remote attackers to execute arbitrary commands via unspecified vectors.
|
CWE-94
Code Injection
|
CVE-2014-5158
|
2024-11-21 11:11 |
2014-08-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281662
|
- |
|
schrack
|
technik_microcontrol_firmware
technik_microcontrol
|
Multiple cross-site scripting (XSS) vulnerabilities in the web interface in Schrack Technik microControl with firmware 1.7.0 (937) allow remote attackers to inject arbitrary web script or HTML via th…
|
CWE-79
Cross-site Scripting
|
CVE-2014-5382
|
2024-11-21 11:11 |
2014-08-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281663
|
- |
|
owncloud
|
owncloud
|
Directory traversal vulnerability in the routing component in ownCloud Server before 5.0.17 and 6.0.x before 6.0.4 allows remote attackers to include and execute arbitrary local files via a .. (dot d…
|
CWE-22
Path Traversal
|
CVE-2014-4929
|
2024-11-21 11:11 |
2014-08-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281664
|
- |
|
bitdefender
|
gravityzone
|
Multiple directory traversal vulnerabilities in Bitdefender GravityZone before 5.1.11.432 allow remote attackers to read arbitrary files via a (1) .. (dot dot) in the id parameter to webservice/CORE/…
|
CWE-22
Path Traversal
|
CVE-2014-5350
|
2024-11-21 11:11 |
2014-08-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281665
|
- |
|
baidu
|
spark_browser
|
Stack-based buffer overflow in Baidu Spark Browser 26.5.9999.3511 allows remote attackers to cause a denial of service (application crash) via nested calls to the window.print JavaScript function.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-5349
|
2024-11-21 11:11 |
2014-08-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281666
|
- |
|
riverbed
|
steelapp_traffic_manager
|
Cross-site scripting (XSS) vulnerability in apps/zxtm/locallog.cgi in Riverbed Stingray (aka SteelApp) Traffic Manager Virtual Appliance 9.6 patchlevel 9620140312 allows remote attackers to inject ar…
|
CWE-79
Cross-site Scripting
|
CVE-2014-5348
|
2024-11-21 11:11 |
2014-08-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281667
|
- |
|
disqus
|
disqus_comment_system
|
Multiple cross-site request forgery (CSRF) vulnerabilities in the Disqus Comment System plugin before 2.76 for WordPress allow remote attackers to hijack the authentication of administrators for requ…
|
CWE-352
Origin Validation Error
|
CVE-2014-5347
|
2024-11-21 11:11 |
2014-08-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281668
|
- |
|
disqus
|
disqus_comment_system
|
Multiple cross-site request forgery (CSRF) vulnerabilities in the Disqus Comment System plugin 2.77 for WordPress allow remote attackers to hijack the authentication of administrators for requests th…
|
CWE-352
Origin Validation Error
|
CVE-2014-5346
|
2024-11-21 11:11 |
2014-08-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281669
|
- |
|
disqus
|
disqus_comment_system
|
Cross-site scripting (XSS) vulnerability in upgrade.php in the Disqus Comment System plugin before 2.76 for WordPress allows remote attackers to inject arbitrary web script or HTML via the step param…
|
CWE-79
Cross-site Scripting
|
CVE-2014-5345
|
2024-11-21 11:11 |
2014-08-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281670
|
- |
|
mobiloud
|
mobiloud
|
Multiple cross-site scripting (XSS) vulnerabilities in the Mobiloud (mobiloud-mobile-app-plugin) plugin before 2.3.8 for WordPress allow remote attackers to inject arbitrary web script or HTML via un…
|
CWE-79
Cross-site Scripting
|
CVE-2014-5344
|
2024-11-21 11:11 |
2014-08-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
