|
278691
|
- |
|
efssoft
|
easy_file_sharing_web_server
|
Cross-site scripting (XSS) vulnerability in Easy File Sharing Web Server 6.8 allows remote attackers to inject arbitrary web script or HTML via the username field during registration, which is not pr…
|
CWE-79
Cross-site Scripting
|
CVE-2014-9439
|
2024-11-21 11:20 |
2015-01-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278692
|
- |
|
vbulletin
|
vbulletin
|
Cross-site request forgery (CSRF) vulnerability in the Moderator Control Panel in vBulletin 4.2.2 allows remote attackers to hijack the authentication of administrators for requests that (1) ban a us…
|
CWE-352
Origin Validation Error
|
CVE-2014-9438
|
2024-11-21 11:20 |
2015-01-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278693
|
- |
|
sliding_social_icons_project
|
sliding_social_icons
|
Multiple cross-site request forgery (CSRF) vulnerabilities in the Sliding Social Icons plugin 1.61 for WordPress allow remote attackers to hijack the authentication of administrators for requests tha…
|
CWE-352
Origin Validation Error
|
CVE-2014-9437
|
2024-11-21 11:20 |
2015-01-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278694
|
- |
|
sysaid
|
sysaid
|
Absolute path traversal vulnerability in SysAid On-Premise before 14.4.2 allows remote attackers to read arbitrary files via a \\\\ (four backslashes) in the fileName parameter to getRdsLogFile.
|
CWE-22
Path Traversal
|
CVE-2014-9436
|
2024-11-21 11:20 |
2015-01-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278695
|
- |
|
absolutengine
|
absolut_engine
|
Multiple SQL injection vulnerabilities in Absolut Engine 1.73 allow remote authenticated users to execute arbitrary SQL commands via the (1) sectionID parameter to admin/managersection.php, (2) userI…
|
CWE-89
SQL Injection
|
CVE-2014-9435
|
2024-11-21 11:20 |
2015-01-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278696
|
- |
|
absolutengine
|
absolut_engine
|
Cross-site scripting (XSS) vulnerability in admin/managerrelated.php in the administrative backend in Absolut Engine 1.73 allows remote authenticated users to inject arbitrary web script or HTML via …
|
CWE-79
Cross-site Scripting
|
CVE-2014-9434
|
2024-11-21 11:20 |
2015-01-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278697
|
- |
|
contenido
|
contendio
|
Multiple cross-site scripting (XSS) vulnerabilities in cms/front_content.php in Contenido before 4.9.6, when advanced mod rewrite (AMR) is disabled, allow remote attackers to inject arbitrary web scr…
|
CWE-79
Cross-site Scripting
|
CVE-2014-9433
|
2024-11-21 11:20 |
2015-01-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278698
|
- |
|
s9y
|
serendipity
|
Multiple cross-site scripting (XSS) vulnerabilities in templates/2k11/admin/overview.inc.tpl in Serendipity before 2.0-rc2 allow remote attackers to inject arbitrary web script or HTML via a blog com…
|
CWE-79
Cross-site Scripting
|
CVE-2014-9432
|
2024-11-21 11:20 |
2015-01-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278699
|
- |
|
smoothwall
|
smoothwall
|
Multiple cross-site request forgery (CSRF) vulnerabilities in Smoothwall Express 3.1 and 3.0 SP3 allow remote attackers to hijack the authentication of administrators for requests that change the (1)…
|
CWE-352
Origin Validation Error
|
CVE-2014-9431
|
2024-11-21 11:20 |
2015-01-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278700
|
- |
|
smoothwall
|
smoothwall
|
Cross-site scripting (XSS) vulnerability in httpd/cgi-bin/vpn.cgi/vpnconfig.dat in Smoothwall Express 3.0 SP3 allows remote attackers to inject arbitrary web script or HTML via the COMMENT parameter …
|
CWE-79
Cross-site Scripting
|
CVE-2014-9430
|
2024-11-21 11:20 |
2015-01-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
