|
278871
|
- |
|
rules_link_project
|
rules_link
|
Cross-site scripting (XSS) vulnerability in the Rules Link module 7.x-1.x before 7.x-1.1 for Drupal allows remote authenticated users with the "administer rules links" permission to inject arbitrary …
|
CWE-79
Cross-site Scripting
|
CVE-2014-9740
|
2024-11-21 11:21 |
2015-07-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278872
|
- |
|
node_field_project
|
node_field
|
Cross-site scripting (XSS) vulnerability in the Node Field module 7.x-2.x before 7.x-2.45 for Drupal allows remote authenticated users with certain permissions to inject arbitrary web script or HTML …
|
CWE-79
Cross-site Scripting
|
CVE-2014-9739
|
2024-11-21 11:21 |
2015-07-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278873
|
- |
|
tournament_project
|
tournament
|
Multiple cross-site scripting (XSS) vulnerabilities in the Tournament module 7.x-1.x before 7.x-1.2 for Drupal allow remote authenticated users with certain permissions to inject arbitrary web script…
|
CWE-79
Cross-site Scripting
|
CVE-2014-9738
|
2024-11-21 11:21 |
2015-07-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278874
|
- |
|
language_switcher_dropdown_project
|
language_switcher_dropdown
|
Open redirect vulnerability in the Language Switcher Dropdown module 7.x-1.x before 7.x-1.4 for Drupal allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks vi…
|
NVD-CWE-Other
|
CVE-2014-9737
|
2024-11-21 11:21 |
2015-07-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278875
|
- |
|
themepunch
|
showbiz_pro
slider_revolution
|
The ThemePunch Slider Revolution (revslider) plugin before 3.0.96 for WordPress and Showbiz Pro plugin 1.7.1 and earlier for Wordpress does not properly restrict access to administrator AJAX function…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-9735
|
2024-11-21 11:21 |
2015-06-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278876
|
- |
|
themepunch
|
slider_revolution
|
Directory traversal vulnerability in the Slider Revolution (revslider) plugin before 4.2 for WordPress allows remote attackers to read arbitrary files via a .. (dot dot) in the img parameter in a rev…
|
CWE-22
Path Traversal
|
CVE-2014-9734
|
2024-11-21 11:21 |
2015-06-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278877
|
- |
|
libmspack_project
|
libmspack
|
The cabd_extract function in cabd.c in libmspack before 0.5 does not properly maintain decompression callbacks in certain cases where an invalid file follows a valid file, which allows remote attacke…
|
NVD-CWE-Other
|
CVE-2014-9732
|
2024-11-21 11:21 |
2015-06-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278878
|
- |
|
zeromq
|
zeromq
|
libzmq before 4.0.6 and 4.1.x before 4.1.1 allows remote attackers to conduct downgrade attacks and bypass ZMTP v3 protocol security mechanisms via a ZMTP v2 or earlier header.
|
CWE-20
Improper Input Validation
|
CVE-2014-9721
|
2024-11-21 11:21 |
2015-06-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278879
|
- |
|
avm
|
fritz\!box
|
AVM Fritz!Box allows remote attackers to execute arbitrary commands via shell metacharacters in the var:lang parameter to cgi-bin/webcm.
|
CWE-78
OS Command
|
CVE-2014-9727
|
2024-11-21 11:21 |
2015-05-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278880
|
- |
|
linux
|
linux_kernel
|
include/net/netfilter/nf_conntrack_extend.h in the netfilter subsystem in the Linux kernel before 3.14.5 uses an insufficiently large data type for certain extension data, which allows local users to…
|
NVD-CWE-Other
|
CVE-2014-9715
|
2024-11-21 11:21 |
2015-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
