|
285691
|
- |
|
drupal
|
drupal
|
The OpenID module in Drupal 6.x before 6.30 and 7.x before 7.26 allows remote OpenID users to authenticate as other users via unspecified vectors.
|
NVD-CWE-noinfo
|
CVE-2014-1475
|
2024-11-21 11:04 |
2014-01-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285692
|
- |
|
redhat
|
libvirt
|
Race condition in the virNetServerClientStartKeepAlive function in libvirt before 1.2.1 allows remote attackers to cause a denial of service (libvirtd crash) by closing a connection before a keepaliv…
|
CWE-362
Race Condition
|
CVE-2014-1447
|
2024-11-21 11:04 |
2014-01-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285693
|
- |
|
doug_poulin
|
command_school_student_management_system
|
Command School Student Management System 1.06.01 does not properly restrict access to sw/backup/backup_ray2.php, which allows remote attackers to download a database backup via a direct request.
|
CWE-200
Information Exposure
|
CVE-2014-1637
|
2024-11-21 11:04 |
2014-01-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285694
|
- |
|
doug_poulin
|
command_school_student_management_system
|
Multiple SQL injection vulnerabilities in Command School Student Management System 1.06.01 allow remote attackers to execute arbitrary SQL commands via the id parameter in an edit action to (1) admin…
|
CWE-89
SQL Injection
|
CVE-2014-1636
|
2024-11-21 11:04 |
2014-01-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285695
|
- |
|
hiox
|
hiox_guest_book
|
Multiple cross-site scripting (XSS) vulnerabilities in add.php in HIOX Guest Book (HGB) 5.0 allow remote attackers to inject arbitrary web script or HTML via the (1) name1, (2) email, or (3) cmt para…
|
CWE-79
Cross-site Scripting
|
CVE-2014-1620
|
2024-11-21 11:04 |
2014-01-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285696
|
- |
|
cubicfactory
|
cubic_cms
|
Multiple SQL injection vulnerabilities in Cubic CMS 5.1.1, 5.1.2, and 5.2 allow remote attackers to execute arbitrary SQL commands via the (1) resource_id or (2) version_id parameter to recursos/agen…
|
CWE-89
SQL Injection
|
CVE-2014-1619
|
2024-11-21 11:04 |
2014-01-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285697
|
- |
|
uaepd
|
shopping_cart_script
|
Multiple SQL injection vulnerabilities in UAEPD Shopping Cart Script allow remote attackers to execute arbitrary SQL commands via the (1) cat_id or (2) p_id parameter to products.php or id parameter …
|
CWE-89
SQL Injection
|
CVE-2014-1618
|
2024-11-21 11:04 |
2014-01-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285698
|
- |
|
freebsd
|
freebsd
|
Stack-based buffer overflow in lib/snmpagent.c in bsnmpd, as used in FreeBSD 8.3 through 10.0, allows remote attackers to cause a denial of service (daemon crash) and possibly execute arbitrary code …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-1452
|
2024-11-21 11:04 |
2014-01-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285699
|
- |
|
linux
|
linux_kernel
|
The yam_ioctl function in drivers/net/hamradio/yam.c in the Linux kernel before 3.12.8 does not initialize a certain structure member, which allows local users to obtain sensitive information from ke…
|
CWE-399
Resource Management Errors
|
CVE-2014-1446
|
2024-11-21 11:04 |
2014-01-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285700
|
- |
|
linux
|
linux_kernel
|
The wanxl_ioctl function in drivers/net/wan/wanxl.c in the Linux kernel before 3.11.7 does not properly initialize a certain data structure, which allows local users to obtain sensitive information f…
|
CWE-399
Resource Management Errors
|
CVE-2014-1445
|
2024-11-21 11:04 |
2014-01-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
