|
282671
|
- |
|
zohocorp
|
manageengine_eventlog_analyzer
|
Cross-site scripting (XSS) vulnerability in ZOHO ManageEngine EventLog Analyzer 9 build 9000 allows remote attackers to inject arbitrary web script or HTML via the j_username parameter to event/j_sec…
|
CWE-79
Cross-site Scripting
|
CVE-2014-5103
|
2024-11-21 11:11 |
2014-07-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282672
|
- |
|
vbulletin
|
vbulletin
|
SQL injection vulnerability in vBulletin 5.0.4 through 5.1.3 Alpha 5 allows remote attackers to execute arbitrary SQL commands via the criteria[startswith] parameter to ajax/render/memberlist_items.
|
CWE-89
SQL Injection
|
CVE-2014-5102
|
2024-11-21 11:11 |
2014-07-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282673
|
- |
|
webidsupport
|
webid
|
Multiple cross-site scripting (XSS) vulnerabilities in WeBid 1.1.1 allow remote attackers to inject arbitrary web script or HTML via the (1) TPL_name, (2) TPL_nick, (3) TPL_email, (4) TPL_year, (5) T…
|
CWE-79
Cross-site Scripting
|
CVE-2014-5101
|
2024-11-21 11:11 |
2014-07-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282674
|
- |
|
omeka
|
omeka
|
Multiple cross-site request forgery (CSRF) vulnerabilities in Omeka before 2.2.1 allow remote attackers to hijack the authentication of administrators for requests that (1) add a new super user accou…
|
CWE-352
Origin Validation Error
|
CVE-2014-5100
|
2024-11-21 11:11 |
2014-07-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282675
|
- |
|
reviewboard
|
review_board
|
Cross-site scripting (XSS) vulnerability in Review Board 1.7.x before 1.7.27 and 2.0.x before 2.0.4 allows remote attackers to inject arbitrary web script or HTML via a query parameter to a diff frag…
|
CWE-79
Cross-site Scripting
|
CVE-2014-5027
|
2024-11-21 11:11 |
2014-07-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282676
|
- |
|
sonicwall
|
uma_em5000
global_management_system
analyzer
|
Cross-site scripting (XSS) vulnerability in sgms/panelManager in Dell SonicWALL GMS, Analyzer, and UMA before 7.2 SP1 allows remote attackers to inject arbitrary web script or HTML via the node_id pa…
|
CWE-79
Cross-site Scripting
|
CVE-2014-5024
|
2024-11-21 11:11 |
2014-07-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282677
|
- |
|
netbsd
eterna
|
netbsd
bozohttpd
|
bozotic HTTP server (aka bozohttpd) before 20140708, as used in NetBSD, truncates paths when checking .htpasswd restrictions, which allows remote attackers to bypass the HTTP authentication scheme an…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-5015
|
2024-11-21 11:11 |
2014-07-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282678
|
- |
|
netgear
acme
dlink
|
wgr614
micro_httpd
mr-adsl-dg834
dsl2750u
dsl2740u
|
Buffer overflow in ACME micro_httpd, as used in D-Link DSL2750U and DSL2740U and NetGear WGR614 and MR-ADSL-DG834 routers allows remote attackers to cause a denial of service (crash) via a long strin…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-4927
|
2024-11-21 11:11 |
2014-07-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282679
|
- |
|
x
|
xf86-video-intel
|
Directory traversal vulnerability in tools/backlight_helper.c in X.Org xf86-video-intel 2.99.911 allows remote attackers to create or overwrite arbitrary files via a .. (dot dot) in the interface nam…
|
CWE-22
Path Traversal
|
CVE-2014-4910
|
2024-11-21 11:11 |
2014-07-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282680
|
- |
|
tenable
|
nessus
web_ui
|
The /server/properties resource in Tenable Web UI before 2.3.5 for Nessus 5.2.3 through 5.2.7 allows remote attackers to obtain sensitive information via the token parameter.
|
CWE-200
Information Exposure
|
CVE-2014-4980
|
2024-11-21 11:11 |
2014-07-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
