|
280041
|
- |
|
php_resource
|
voice_of_web_allmyguests
|
Cross-site scripting (XSS) vulnerability in Voice Of Web AllMyGuests 0.4.1 allows remote attackers to inject arbitrary web script or HTML via the AMG_signin_topic parameter to index.php.
|
CWE-79
Cross-site Scripting
|
CVE-2014-8293
|
2024-11-21 11:18 |
2014-10-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280042
|
- |
|
yootheme
|
pagekit
|
Open redirect vulnerability in YOOtheme Pagekit CMS 0.8.7 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the redirect parameter to index.ph…
|
NVD-CWE-Other
|
CVE-2014-8070
|
2024-11-21 11:18 |
2014-10-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280043
|
- |
|
yootheme
|
pagekit
|
Multiple cross-site scripting (XSS) vulnerabilities in YOOtheme Pagekit CMS 0.8.7 allow remote attackers to inject arbitrary web script or HTML via the (1) HTTP Referer header to index.php/user or (2…
|
CWE-79
Cross-site Scripting
|
CVE-2014-8069
|
2024-11-21 11:18 |
2014-10-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280044
|
4.7 |
MEDIUM
Local
|
linux
suse
|
linux_kernel
suse_linux_enterprise_server
|
Race condition in the ext4_file_write_iter function in fs/ext4/file.c in the Linux kernel through 3.17 allows local users to cause a denial of service (file unavailability) via a combination of a wri…
|
CWE-362
Race Condition
|
CVE-2014-8086
|
2024-11-21 11:18 |
2014-10-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280045
|
5.5 |
MEDIUM
Local
|
linux
canonical
|
linux_kernel
ubuntu_linux
|
The do_umount function in fs/namespace.c in the Linux kernel through 3.17 does not require the CAP_SYS_ADMIN capability for do_remount_sb calls that change the root filesystem to read-only, which all…
|
NVD-CWE-noinfo
|
CVE-2014-7975
|
2024-11-21 11:18 |
2014-10-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280046
|
5.5 |
MEDIUM
Local
|
novell
linux
canonical
|
suse_linux_enterprise_server
linux_kernel
ubuntu_linux
|
The pivot_root implementation in fs/namespace.c in the Linux kernel through 3.17 does not properly interact with certain locations of a chroot directory, which allows local users to cause a denial of…
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2014-7970
|
2024-11-21 11:18 |
2014-10-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280047
|
- |
|
drupal
|
mayo
|
Cross-site scripting (XSS) vulnerability in the MAYO theme 7.x-1.x before 7.x-1.3 for Drupal allows remote authenticated users with the "administer themes" permission to inject arbitrary web script o…
|
CWE-79
Cross-site Scripting
|
CVE-2014-8079
|
2024-11-21 11:18 |
2014-10-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280048
|
- |
|
drupal
|
print
|
Cross-site scripting (XSS) vulnerability in the Print (aka Printer, e-mail and PDF versions) module 6.x-1.x before 6.x-1.19, 7.x-1.x before 7.x-1.3, and 7.x-2.x before 7.x-2.0 for Drupal allows remot…
|
CWE-79
Cross-site Scripting
|
CVE-2014-8078
|
2024-11-21 11:18 |
2014-10-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280049
|
- |
|
drupal
|
newsflash
|
Cross-site scripting (XSS) vulnerability in the NewsFlash theme 6.x-1.x before 6.x-1.7 and 7.x-1.x before 7.x-2.5 for Drupal allows remote authenticated users with the "administer themes" permission …
|
CWE-79
Cross-site Scripting
|
CVE-2014-8077
|
2024-11-21 11:18 |
2014-10-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280050
|
- |
|
drupal
|
professional_theme
|
Cross-site scripting (XSS) vulnerability in the Professional theme 7.x before 7.x-2.04 for Drupal allows remote authenticated users with the "administer themes" permission to inject arbitrary web scr…
|
CWE-79
Cross-site Scripting
|
CVE-2014-8076
|
2024-11-21 11:18 |
2014-10-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
