|
278571
|
- |
|
linksys
|
ea4500_firmware
ea4500
ea6500_firmware
ea6500
ea6400_firmware
ea6400
e4200v2_firmware
e4200v2
ea6300_firmware
ea6300
ea6900_firmware
ea6900
ea2700_firmware
ea27…
|
Linksys SMART WiFi firmware on EA2700 and EA3500 devices; before 2.1.41 build 162351 on E4200v2 and EA4500 devices; before 1.1.41 build 162599 on EA6200 devices; before 1.1.40 build 160989 on EA6300,…
|
CWE-310
Cryptographic Issues
|
CVE-2014-8243
|
2024-11-21 11:18 |
2014-11-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278572
|
- |
|
wp-dbmanager_project
|
wp-dbmanager
|
The WP-DBManager (aka Database Manager) plugin before 2.7.2 for WordPress allows remote authenticated users to execute arbitrary commands via shell metacharacters in the (1) $backup['filepath'] (aka …
|
CWE-78
OS Command
|
CVE-2014-8334
|
2024-11-21 11:18 |
2014-10-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278573
|
- |
|
redhat
openstack
|
openstack
nova
|
The VMware driver in OpenStack Compute (Nova) before 2014.1.4 allows remote authenticated users to cause a denial of service (disk consumption) by deleting an instance in the resize state.
|
CWE-399
Resource Management Errors
|
CVE-2014-8333
|
2024-11-21 11:18 |
2014-10-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278574
|
- |
|
testlink
|
testlink
|
lib/functions/database.class.php in TestLink before 1.9.13 allows remote attackers to obtain sensitive information via unspecified vectors, which reveals the installation path in an error message.
|
CWE-200
Information Exposure
|
CVE-2014-8082
|
2024-11-21 11:18 |
2014-10-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278575
|
- |
|
testlink
|
testlink
|
lib/execute/execSetResults.php in TestLink before 1.9.13 allows remote attackers to conduct PHP object injection attacks and execute arbitrary PHP code via the filter_result_result parameter.
|
CWE-94
Code Injection
|
CVE-2014-8081
|
2024-11-21 11:18 |
2014-10-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278576
|
- |
|
espocrm
|
espocrm
|
Cross-site scripting (XSS) vulnerability in EspoCRM before 2.6.0 allows remote attackers to inject arbitrary web script or HTML via the desc parameter in an errors action to install/index.php.
|
CWE-79
Cross-site Scripting
|
CVE-2014-7987
|
2024-11-21 11:18 |
2014-10-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278577
|
- |
|
espocrm
|
espocrm
|
install/index.php in EspoCRM before 2.6.0 allows remote attackers to re-install the application via a 1 value in the installProcess parameter.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-7986
|
2024-11-21 11:18 |
2014-10-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278578
|
- |
|
espocrm
|
espocrm
|
Directory traversal vulnerability in EspoCRM before 2.6.0 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the action parameter to install/index.php.
|
CWE-22
Path Traversal
|
CVE-2014-7985
|
2024-11-21 11:18 |
2014-10-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278579
|
- |
|
hp
|
hp-ux
|
Unspecified vulnerability in the kernel in HP HP-UX B.11.31 allows local users to cause a denial of service via unknown vectors.
|
NVD-CWE-noinfo
|
CVE-2014-7877
|
2024-11-21 11:18 |
2014-10-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278580
|
- |
|
fal_sftp_project
|
fal_sftp
|
The fal_sftp extension before 0.2.6 for TYPO3 uses weak permissions for sFTP driver files and folders, which allows remote authenticated users to obtain sensitive information via unspecified vectors.
|
NVD-CWE-noinfo
|
CVE-2014-8327
|
2024-11-21 11:18 |
2014-10-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
