|
282811
|
9.8 |
CRITICAL
Network
|
mrlg4php_project
|
mrlg4php
|
mrlg-lib.php in mrlg4php before 1.0.8 allows remote attackers to execute arbitrary shell code.
|
CWE-94
Code Injection
|
CVE-2014-3927
|
2024-11-21 11:09 |
2017-04-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282812
|
6.1 |
MEDIUM
Network
|
lg_project
|
lg
|
Cross-site scripting (XSS) vulnerability in lg.cgi in Cougar LG 1.9 allows remote attackers to inject arbitrary web script or HTML via the "addr" parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2014-3926
|
2024-11-21 11:09 |
2017-03-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282813
|
- |
|
oracle
|
peoplesoft_products
|
Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.53 allows remote authenticated users to affect integrity via vectors related to PIA Core T…
|
NVD-CWE-noinfo
|
CVE-2014-4279
|
2024-11-21 11:09 |
2015-01-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282814
|
- |
|
oracle
|
oracle_and_sun_systems_product_suite
|
Unspecified vulnerability in the Solaris Cluster component in Oracle Sun Systems Products Suite 3.3 and 4.1 allows remote authenticated users to affect confidentiality, integrity, and availability vi…
|
NVD-CWE-noinfo
|
CVE-2014-4259
|
2024-11-21 11:09 |
2015-01-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282815
|
- |
|
mongodb
|
mongodb
|
The CmdAuthenticate::_authenticateX509 function in db/commands/authentication_commands.cpp in mongod in MongoDB 2.6.x before 2.6.2 allows remote attackers to cause a denial of service (daemon crash) …
|
CWE-20
Improper Input Validation
|
CVE-2014-3971
|
2024-11-21 11:09 |
2014-12-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282816
|
- |
|
linux
|
linux_kernel
|
drivers/misc/qseecom.c in the QSEECOM driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, does not validate certain…
|
CWE-787
Out-of-bounds Write
|
CVE-2014-4322
|
2024-11-21 11:09 |
2014-12-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282817
|
- |
|
linux
|
linux_kernel
|
The mdp_lut_hw_update function in drivers/video/msm/mdp.c in the MDP display driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and ot…
|
CWE-20
Improper Input Validation
|
CVE-2014-4323
|
2024-11-21 11:09 |
2014-12-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282818
|
- |
|
zohocorp
|
manageengine_password_manager_pro
manageengine_it360
|
SQL injection vulnerability in the MetadataServlet servlet in ManageEngine Password Manager Pro (PMP) and Password Manager Pro Managed Service Providers (MSP) edition 5 through 7 build 7003, IT360 an…
|
CWE-89
SQL Injection
|
CVE-2014-3997
|
2024-11-21 11:09 |
2014-12-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282819
|
- |
|
manageengine
|
it360
password_manager_pro
desktop_central
|
SQL injection vulnerability in the LinkViewFetchServlet servlet in ManageEngine Desktop Central (DC) and Desktop Central Managed Service Providers (MSP) edition before 9 build 90043, Password Manager…
|
CWE-89
SQL Injection
|
CVE-2014-3996
|
2024-11-21 11:09 |
2014-12-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282820
|
- |
|
sunhater
|
kcfinder
|
Cross-site scripting (XSS) vulnerability in index.php in SunHater KCFinder 3.11 and earlier allows remote attackers to inject arbitrary web script or HTML via (1) file or (2) directory (folder) name …
|
CWE-79
Cross-site Scripting
|
CVE-2014-3988
|
2024-11-21 11:09 |
2014-12-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
