|
282491
|
- |
|
testlink
|
testlink
|
Multiple SQL injection vulnerabilities in TestLink 1.9.11 allow remote authenticated users to execute arbitrary SQL commands via the (1) name parameter in a Search action to lib/project/projectView.p…
|
CWE-89
SQL Injection
|
CVE-2014-5308
|
2024-11-21 11:11 |
2014-10-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282492
|
- |
|
netcommwireless
|
nb604n_firmware
nb604n
|
Cross-site scripting (XSS) vulnerability in wlsecurity.html on NetCommWireless NB604N routers with firmware before GAN5.CZ56T-B-NC.AU-R4B030.EN allows remote attackers to inject arbitrary web script …
|
CWE-79
Cross-site Scripting
|
CVE-2014-4871
|
2024-11-21 11:11 |
2014-10-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282493
|
- |
|
brocade
|
vyatta_5400_vrouter_software
vyatta_5400_vrouter
|
/opt/vyatta/bin/sudo-users/vyatta-clear-dhcp-lease.pl on the Brocade Vyatta 5400 vRouter 6.4R(x), 6.6R(x), and 6.7R1 does not properly validate parameters, which allows local users to gain privileges…
|
CWE-20
Improper Input Validation
|
CVE-2014-4870
|
2024-11-21 11:11 |
2014-10-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282494
|
- |
|
brocade
|
vyatta_5400_vrouter_software
vyatta_5400_vrouter
|
The Brocade Vyatta 5400 vRouter 6.4R(x), 6.6R(x), and 6.7R1 allows attackers to obtain sensitive encrypted-password information by leveraging membership in the operator group.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-4869
|
2024-11-21 11:11 |
2014-10-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282495
|
- |
|
brocade
|
vyatta_5400_vrouter_software
vyatta_5400_vrouter
|
The management console on the Brocade Vyatta 5400 vRouter 6.4R(x), 6.6R(x), and 6.7R1 allows remote authenticated users to execute arbitrary Linux commands via shell metacharacters in a console comma…
|
CWE-78
OS Command
|
CVE-2014-4868
|
2024-11-21 11:11 |
2014-10-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282496
|
- |
|
content_audit_project
|
content_audit
|
SQL injection vulnerability in content-audit-schedule.php in the Content Audit plugin before 1.6.1 for WordPress allows remote attackers to execute arbitrary SQL commands via the "Audited content typ…
|
CWE-89
SQL Injection
|
CVE-2014-5389
|
2024-11-21 11:11 |
2014-10-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282497
|
- |
|
rockwellautomation
|
ab_micrologix_controller
|
The DNP3 feature on Rockwell Automation Allen-Bradley MicroLogix 1400 1766-Lxxxxx A FRN controllers 7 and earlier and 1400 1766-Lxxxxx B FRN controllers before 15.001 allows remote attackers to cause…
|
CWE-399
Resource Management Errors
|
CVE-2014-5410
|
2024-11-21 11:11 |
2014-10-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282498
|
- |
|
drupal
|
drupal
|
modules/openid/xrds.inc in Drupal 6.x before 6.33 and 7.x before 7.31 allows remote attackers to have unspecified impact via a crafted DOCTYPE declaration in an XRDS document.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-5267
|
2024-11-21 11:11 |
2014-09-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282499
|
- |
|
telerik
|
asp.net_ajax_radeditor_control
|
Cross-site scripting (XSS) vulnerability in Telerik UI for ASP.NET AJAX RadEditor control 2014.1.403.35, 2009.3.1208.20, and other versions allows remote attackers to inject arbitrary web script or H…
|
CWE-79
Cross-site Scripting
|
CVE-2014-4958
|
2024-11-21 11:11 |
2014-09-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282500
|
- |
|
najeebmedia
|
n-media_file_uploader
|
Unrestricted file upload vulnerability in the N-Media file uploader plugin before 3.4 for WordPress allows remote authenticated users to execute arbitrary PHP code by leveraging Author privileges to …
|
CWE-94
Code Injection
|
CVE-2014-5324
|
2024-11-21 11:11 |
2014-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
