|
278901
|
- |
|
check_diskio_project
|
check_diskio
|
The check_diskio plugin 3.2.6 and earlier for Nagios and Icinga allows local users to write to arbitrary files via a symlink attack on a temporary file with a predictable name (tmp/check_diskio_statu…
|
CWE-18
Source Code
|
CVE-2014-8994
|
2024-11-21 11:20 |
2014-11-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278902
|
- |
|
openvpn
|
openvpn_access_server
|
Multiple cross-site request forgery (CSRF) vulnerabilities in the XML-RPC API in the Desktop Client in OpenVPN Access Server 1.5.6 and earlier allow remote attackers to hijack the authentication of a…
|
CWE-352
Origin Validation Error
|
CVE-2014-9104
|
2024-11-21 11:20 |
2014-11-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278903
|
- |
|
kunena
|
kunena
|
Multiple cross-site scripting (XSS) vulnerabilities in the Kunena component before 3.0.6 for Joomla! allow remote attackers to inject arbitrary web script or HTML via the (1) index value of an array …
|
CWE-79
Cross-site Scripting
|
CVE-2014-9103
|
2024-11-21 11:20 |
2014-11-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278904
|
- |
|
kunena
|
kunena
|
Multiple SQL injection vulnerabilities in the Kunena component before 3.0.6 for Joomla! allow remote authenticated users to execute arbitrary SQL commands via the index value in an array parameter, a…
|
CWE-89
SQL Injection
|
CVE-2014-9102
|
2024-11-21 11:20 |
2014-11-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278905
|
- |
|
skalfa
oxwall
|
skadate_lite
oxwall
|
Multiple cross-site request forgery (CSRF) vulnerabilities in Oxwall 1.7.0 (build 7907 and 7906) and SkaDate Lite 2.0 (build 7651) allow remote attackers to hijack the authentication of administrator…
|
CWE-352
Origin Validation Error
|
CVE-2014-9101
|
2024-11-21 11:20 |
2014-11-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278906
|
- |
|
whydowork_adsense_project
|
whydowork_adsense
|
Cross-site scripting (XSS) vulnerability in the WhyDoWork AdSense plugin 1.2 for WordPress allows remote attackers to inject arbitrary web script or HTML via the idcode parameter in the whydowork_ads…
|
CWE-79
Cross-site Scripting
|
CVE-2014-9100
|
2024-11-21 11:20 |
2014-11-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278907
|
- |
|
whydowork_adsense_project
|
whydowork_adsense
|
Cross-site request forgery (CSRF) vulnerability in the WhyDoWork AdSense plugin 1.2 for WordPress allows remote attackers to hijack the authentication of administrators for requests that have unspeci…
|
CWE-352
Origin Validation Error
|
CVE-2014-9099
|
2024-11-21 11:20 |
2014-11-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278908
|
- |
|
apptha
|
contus_video_gallery
|
Multiple cross-site scripting (XSS) vulnerabilities in the Apptha WordPress Video Gallery (contus-video-gallery) plugin 2.5, possibly before 2014-07-23, for WordPress allow remote authenticated users…
|
CWE-79
Cross-site Scripting
|
CVE-2014-9098
|
2024-11-21 11:20 |
2014-11-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278909
|
- |
|
apptha
|
contus_video_gallery
|
Multiple SQL injection vulnerabilities in the Apptha WordPress Video Gallery (contus-video-gallery) plugin 2.5, possibly as distributed before 2014-07-23, for WordPress allow (1) remote attackers to …
|
CWE-89
SQL Injection
|
CVE-2014-9097
|
2024-11-21 11:20 |
2014-11-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278910
|
- |
|
pligg
|
pligg_cms
|
Multiple SQL injection vulnerabilities in recover.php in Pligg CMS 2.0.1 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) id or (2) n parameter.
|
CWE-89
SQL Injection
|
CVE-2014-9096
|
2024-11-21 11:20 |
2014-11-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
