|
280201
|
- |
|
schrack
|
technik_microcontrol_firmware
technik_microcontrol
|
Schrack Technik microControl with firmware before 1.7.0 (937) stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain access data for…
|
CWE-287
Improper Authentication
|
CVE-2014-8329
|
2024-11-21 11:18 |
2014-10-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280202
|
- |
|
-
|
-
|
Cross-site request forgery (CSRF) vulnerability in HP System Management Homepage (SMH) before 3.2.3 on HP-UX B.11.23, and before 3.2.8 on HP-UX B.11.31, allows remote attackers to hijack the authenti…
|
CWE-352
Origin Validation Error
|
CVE-2014-7874
|
2024-11-21 11:18 |
2014-10-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280203
|
- |
|
foxitsoftware
|
foxit_pdf_sdk_activex
|
Buffer overflow in the SetLogFile method in Foxit.FoxitPDFSDKProCtrl.5 in Foxit PDF SDK ActiveX 2.3 through 5.0.1820 before 5.0.2.924 allows remote attackers to execute arbitrary code via a long stri…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-8074
|
2024-11-21 11:18 |
2014-10-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280204
|
- |
|
openstack
|
swift
|
OpenStack Object Storage (Swift) before 2.2.0 allows remote authenticated users to bypass the max_meta_count and other metadata constraints via multiple crafted requests which exceed the limit when c…
|
CWE-399
Resource Management Errors
|
CVE-2014-7960
|
2024-11-21 11:18 |
2014-10-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280205
|
- |
|
custom_search_project
|
custom_search
|
Cross-site scripting (XSS) vulnerability in the Custom Search module 6.x-1.x before 6.x-1.12 and 7.x-1.x before 7.x-1.14 for Drupal allows remote authenticated users with certain permissions to injec…
|
CWE-79
Cross-site Scripting
|
CVE-2014-8320
|
2024-11-21 11:18 |
2014-10-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280206
|
- |
|
easy_social_project
|
easy_social
|
Cross-site scripting (XSS) vulnerability in the easy_social_admin_summary function in the Easy Social module 7.x-2.x before 7.x-2.11 for Drupal allows remote authenticated users with certain permissi…
|
CWE-79
Cross-site Scripting
|
CVE-2014-8319
|
2024-11-21 11:18 |
2014-10-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280207
|
- |
|
webform_project
|
webform
|
Cross-site scripting (XSS) vulnerability in the Webform module 6.x-3.x before 6.x-3.20, 7.x-3.x before 7.x-3.20, and 7.x-4.x before 7.x-4.0-beta2 for Drupal allows remote authenticated users with cer…
|
CWE-79
Cross-site Scripting
|
CVE-2014-8318
|
2024-11-21 11:18 |
2014-10-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280208
|
- |
|
webform_validation_project
|
webform_validation
|
Cross-site scripting (XSS) vulnerability in the Webform Validation module 6.x-1.x before 6.x-1.6 and 7.x-1.x before 7.x-1.4 for Drupal allows remote authenticated users with certain permissions to in…
|
CWE-79
Cross-site Scripting
|
CVE-2014-8317
|
2024-11-21 11:18 |
2014-10-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280209
|
- |
|
sap
|
businessobjects_explorer
|
XML External Entity (XXE) vulnerability in polestar_xml.jsp in SAP BusinessObjects Explorer 14.0.5 build 882 allows remote attackers to read arbitrary files via the xmlParameter parameter in an explo…
|
NVD-CWE-Other
|
CVE-2014-8316
|
2024-11-21 11:18 |
2014-10-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280210
|
- |
|
sap
|
businessobjects_explorer
|
polestar_xml.jsp in SAP BusinessObjects Explorer 14.0.5 build 882 replies with different timing depending on if a connection can be made, which allows remote attackers to conduct port scanning attack…
|
CWE-200
Information Exposure
|
CVE-2014-8315
|
2024-11-21 11:18 |
2014-10-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
