|
286811
|
- |
|
xangati
|
xangati_software_release
xangati_xnr
|
Xangati XSR before 11 and XNR before 7 allows remote attackers to execute arbitrary commands via shell metacharacters in a gui_input_test.pl params parameter to servlet/Installer.
|
CWE-78
OS Command
|
CVE-2014-0359
|
2024-11-21 11:01 |
2014-04-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
286812
|
- |
|
xangati
|
xangati_software_release
xangati_xnr
|
Multiple directory traversal vulnerabilities in Xangati XSR before 11 and XNR before 7 allow remote attackers to read arbitrary files via a .. (dot dot) in (1) the file parameter in a getUpgradeStatu…
|
CWE-22
Path Traversal
|
CVE-2014-0358
|
2024-11-21 11:01 |
2014-04-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
286813
|
- |
|
amtelco
|
misecuremessages
|
Amtelco miSecureMessages allows remote attackers to read the messages of arbitrary users via an XML request containing a valid license key and a modified contactID value, as demonstrated by a request…
|
CWE-287
Improper Authentication
|
CVE-2014-0357
|
2024-11-21 11:01 |
2014-04-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
286814
|
- |
|
zyxel
|
n300_netusb_nbg-419n_firmware
n300_netusb_nbg-419n
|
The ZyXEL Wireless N300 NetUSB NBG-419N router with firmware 1.00(BFQ.6)C0 allows remote attackers to execute arbitrary code via shell metacharacters in input to the (1) detectWeather, (2) set_langua…
|
CWE-78
OS Command
|
CVE-2014-0356
|
2024-11-21 11:01 |
2014-04-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
286815
|
- |
|
zyxel
|
n300_netusb_nbg-419n_firmware
n300_netusb_nbg-419n
|
Multiple stack-based buffer overflows on the ZyXEL Wireless N300 NetUSB NBG-419N router with firmware 1.00(BFQ.6)C0 allow man-in-the-middle attackers to execute arbitrary code via (1) a long temp att…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-0355
|
2024-11-21 11:01 |
2014-04-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
286816
|
- |
|
zyxel
|
n300_netusb_nbg-419n_firmware
n300_netusb_nbg-419n
|
The ZyXEL Wireless N300 NetUSB NBG-419N router with firmware 1.00(BFQ.6)C0 has a hardcoded password of qweasdzxc for an unspecified account, which allows remote attackers to obtain index.asp login ac…
|
CWE-255
Credentials Management
|
CVE-2014-0354
|
2024-11-21 11:01 |
2014-04-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
286817
|
- |
|
zyxel
|
n300_netusb_nbg-419n_firmware
n300_netusb_nbg-419n
|
The ZyXEL Wireless N300 NetUSB NBG-419N router with firmware 1.00(BFQ.6)C0 allows remote attackers to bypass authentication by using %2F sequences in place of / (slash) characters.
|
CWE-287
Improper Authentication
|
CVE-2014-0353
|
2024-11-21 11:01 |
2014-04-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
286818
|
- |
|
ontariosystems
|
artiva_healthcare
artiva_rm
artiva_architect
artiva_workstation
|
The Artiva Agency Single Sign-On (SSO) implementation in Artiva Workstation 1.3.x before 1.3.9, Artiva Rm 3.1 MR7, Artiva Healthcare 5.2 MR5, and Artiva Architect 3.2 MR5, when the domain-name option…
|
CWE-287
Improper Authentication
|
CVE-2014-0348
|
2024-11-21 11:01 |
2014-04-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
286819
|
- |
|
pivotx
|
pivotx
|
Multiple unrestricted file upload vulnerabilities in fileupload.php in PivotX before 2.3.9 allow remote authenticated users to execute arbitrary PHP code by uploading a file with a (1) .php or (2) .p…
|
NVD-CWE-Other
|
CVE-2014-0342
|
2024-11-21 11:01 |
2014-04-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
286820
|
- |
|
pivotx
|
pivotx
|
Multiple cross-site scripting (XSS) vulnerabilities in PivotX before 2.3.9 allow remote authenticated users to inject arbitrary web script or HTML via the title field to (1) templates_internal/pages.…
|
CWE-79
Cross-site Scripting
|
CVE-2014-0341
|
2024-11-21 11:01 |
2014-04-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
