|
279711
|
- |
|
megapolis
|
megapolis.portal_manager
|
Multiple cross-site scripting (XSS) vulnerabilities in Megapolis.Portal Manager allow remote attackers to inject arbitrary web script or HTML via the (1) dateFrom or (2) dateTo parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2014-8381
|
2024-11-21 11:18 |
2014-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279712
|
- |
|
calender_base_project
|
calender_base
|
The Calendar Base (cal) extension before 1.5.9 and 1.6.x before 1.6.1 for TYPO3 allows remote attackers to cause a denial of service (resource consumption) via vectors related to the PHP PCRE library.
|
CWE-399
Resource Management Errors
|
CVE-2014-8325
|
2024-11-21 11:18 |
2014-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279713
|
- |
|
zend
|
zend_framework
|
The (1) Zend_Ldap class in Zend before 1.12.9 and (2) Zend\Ldap component in Zend 2.x before 2.2.8 and 2.3.x before 2.3.3 allows remote attackers to bypass authentication via a password starting with…
|
CWE-287
Improper Authentication
|
CVE-2014-8088
|
2024-11-21 11:18 |
2014-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279714
|
- |
|
redhat
|
virtual_desktop_service_manager
|
VDSM allows remote attackers to cause a denial of service (connection blocking) by keeping an SSL connection open.
|
CWE-310
Cryptographic Issues
|
CVE-2014-7968
|
2024-11-21 11:18 |
2014-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279715
|
- |
|
splunk
|
splunk
|
Cross-site scripting (XSS) vulnerability in Splunk 6.1.1 allows remote attackers to inject arbitrary web script or HTML via the HTTP Referer Header in a "404 Not Found" response. NOTE: this vulnerab…
|
CWE-79
Cross-site Scripting
|
CVE-2014-8380
|
2024-11-21 11:18 |
2014-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279716
|
- |
|
marketo_ma_project
|
marketo_ma
|
Multiple cross-site scripting (XSS) vulnerabilities in the Marketo MA module before 7.x-1.5 for Drupal allow remote authenticated users with certain permissions to inject arbitrary web script or HTML…
|
CWE-79
Cross-site Scripting
|
CVE-2014-8379
|
2024-11-21 11:18 |
2014-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279717
|
- |
|
tablefield_project
|
tablefield
|
Cross-site scripting (XSS) vulnerability in the TableField module 7.x-2.x before 7.x-2.3 allows remote authenticated users with the "administer content types" or "administer taxonomy" permission to i…
|
CWE-79
Cross-site Scripting
|
CVE-2014-8378
|
2024-11-21 11:18 |
2014-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279718
|
- |
|
webasyst
|
shop-script
|
Cross-site scripting (XSS) vulnerability in Webasyst Shop-Script 5.2.2.30933 allows remote attackers to inject arbitrary web script or HTML via the phone number field in a new contact to phpecom/inde…
|
CWE-79
Cross-site Scripting
|
CVE-2014-8377
|
2024-11-21 11:18 |
2014-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279719
|
- |
|
site_banner_project
|
site_banner
|
Cross-site scripting (XSS) vulnerability in the context administration sub-panel in the Site Banner module before 7.x-4.1 for Drupal allows remote authenticated users with the "Administer contexts" C…
|
CWE-79
Cross-site Scripting
|
CVE-2014-8376
|
2024-11-21 11:18 |
2014-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279720
|
- |
|
gb-plugins
|
gb_gallery_slideshow
|
SQL injection vulnerability in GBgallery.php in the GB Gallery Slideshow plugin 1.5 for WordPress allows remote administrators to execute arbitrary SQL commands via the selected_group parameter in a …
|
CWE-89
SQL Injection
|
CVE-2014-8375
|
2024-11-21 11:18 |
2014-10-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
