|
281531
|
- |
|
schneider-electric
aveva
|
scada_expert_clearscada
clearscada
|
Schneider Electric StruxureWare SCADA Expert ClearSCADA 2010 R3 through 2014 R1 allows remote attackers to read database records by leveraging access to the guest account.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-5412
|
2024-11-21 11:12 |
2014-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281532
|
- |
|
fatfreecrm
|
fat_free_crm
|
Multiple cross-site scripting (XSS) vulnerabilities in app/views/layouts/application.html.haml in Fat Free CRM before 0.13.3 allow remote attackers to inject arbitrary web script or HTML via the (1) …
|
CWE-79
Cross-site Scripting
|
CVE-2014-5441
|
2024-11-21 11:12 |
2014-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281533
|
- |
|
mpexsolutions
|
mx-smartimer
|
SQL injection vulnerability in Login.aspx in MPEX Business Solutions MX-SmartTimer before 13.19.18 allows remote attackers to execute arbitrary SQL commands via the ct100%24CPHContent%24password para…
|
CWE-89
SQL Injection
|
CVE-2014-5440
|
2024-11-21 11:12 |
2014-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281534
|
- |
|
tribulant
|
tibulant_slideshow_gallery
|
Unrestricted file upload vulnerability in the Tribulant Slideshow Gallery plugin before 1.4.7 for WordPress allows remote authenticated users to execute arbitrary code by uploading a PHP file, then a…
|
CWE-20
Improper Input Validation
|
CVE-2014-5460
|
2024-11-21 11:12 |
2014-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281535
|
- |
|
phpwiki_project
|
phpwiki
|
The Ploticus module in PhpWiki 1.5.0 allows remote attackers to execute arbitrary code via shell metacharacters in a device option in the edit[content] parameter to index.php/HeIp. NOTE: some of the…
|
CWE-94
Code Injection
|
CVE-2014-5519
|
2024-11-21 11:12 |
2014-09-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281536
|
- |
|
miniclip
|
mini_pets
|
The Mini Pets (aka com.miniclip.animalshelter) application 2.0.3 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain …
|
CWE-310
Cryptographic Issues
|
CVE-2014-5817
|
2024-11-21 11:12 |
2014-09-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281537
|
- |
|
meipai
|
meipai
|
The MeiPai (aka com.meitu.meipaimv) application 1.2.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive i…
|
CWE-310
Cryptographic Issues
|
CVE-2014-5816
|
2024-11-21 11:12 |
2014-09-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281538
|
- |
|
mavenhut
|
solitaire_arena
|
The Solitaire Arena (aka com.mavenhut.solitaire) application 1.0.15 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obta…
|
CWE-310
Cryptographic Issues
|
CVE-2014-5815
|
2024-11-21 11:12 |
2014-09-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281539
|
- |
|
alrazylabs
|
lostword
|
The lostword (aka zozo.android.lostword) application 5.9 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitiv…
|
CWE-310
Cryptographic Issues
|
CVE-2014-5813
|
2024-11-21 11:12 |
2014-09-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281540
|
- |
|
viedemerde
|
vdm_officiel
|
The VDM Officiel (aka vdm.activities) application 5 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive inf…
|
CWE-310
Cryptographic Issues
|
CVE-2014-5812
|
2024-11-21 11:12 |
2014-09-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
