|
285471
|
- |
|
sendy
|
sendy
|
SQL injection vulnerability in /app in Sendy 1.1.8.4 allows remote attackers to execute arbitrary SQL commands via the i parameter.
|
CWE-89
SQL Injection
|
CVE-2014-100012
|
2024-11-21 11:03 |
2015-01-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285472
|
- |
|
sendy
|
sendy
|
SQL injection vulnerability in /send-to in Sendy 1.1.9.1 allows remote attackers to execute arbitrary SQL commands via the c parameter.
|
CWE-89
SQL Injection
|
CVE-2014-100011
|
2024-11-21 11:03 |
2015-01-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285473
|
- |
|
fluxbb
|
fluxbb
|
Open redirect vulnerability in forums/login.php in FluxBB before 1.4.13 and 1.5.x before 1.5.7 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL …
|
NVD-CWE-Other
|
CVE-2014-10030
|
2024-11-21 11:03 |
2015-01-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285474
|
- |
|
fluxbb
|
fluxbb
|
SQL injection vulnerability in profile.php in FluxBB before 1.4.13 and 1.5.x before 1.5.7 allows remote attackers to execute arbitrary SQL commands via the req_new_email parameter.
|
CWE-89
SQL Injection
|
CVE-2014-10029
|
2024-11-21 11:03 |
2015-01-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285475
|
- |
|
dlink
|
dap-1360_firmware
|
Cross-site scripting (XSS) vulnerability in D-Link DAP-1360 router with firmware 2.5.4 and later allows remote attackers to inject arbitrary web script or HTML via the res_buf parameter to index.cgi …
|
CWE-79
Cross-site Scripting
|
CVE-2014-10028
|
2024-11-21 11:03 |
2015-01-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285476
|
- |
|
dlink
|
dap-1360_firmware
|
Multiple cross-site request forgery (CSRF) vulnerabilities in D-Link DAP-1360 router with firmware 2.5.4 and earlier allow remote attackers to hijack the authentication of unspecified users for reque…
|
CWE-352
Origin Validation Error
|
CVE-2014-10027
|
2024-11-21 11:03 |
2015-01-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285477
|
- |
|
dlink
|
dap-1360_firmware
|
index.cgi in D-Link DAP-1360 with firmware 2.5.4 and earlier allows remote attackers to bypass authentication and obtain sensitive information by setting the client_login cookie to admin.
|
CWE-200
Information Exposure
|
CVE-2014-10026
|
2024-11-21 11:03 |
2015-01-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285478
|
- |
|
dlink
|
dap-1360_firmware
|
Multiple cross-site request forgery (CSRF) vulnerabilities in D-Link DAP-1360 with firmware 2.5.4 and earlier allow remote attackers to hijack the authentication of unspecified users for requests tha…
|
CWE-352
Origin Validation Error
|
CVE-2014-10025
|
2024-11-21 11:03 |
2015-01-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285479
|
- |
|
divx
|
directshowdemuxfilter
player
web_player
|
Multiple integer signedness errors in DirectShowDemuxFilter, as used in Divx Web Player, Divx Player, and other Divx plugins, allow remote attackers to execute arbitrary code via a (1) negative or (2…
|
CWE-189
Numeric Errors
|
CVE-2014-10024
|
2024-11-21 11:03 |
2015-01-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285480
|
- |
|
topicsviewer
|
topicsviewer
|
Multiple SQL injection vulnerabilities in TopicsViewer 3.0 Beta 1 allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) edit_block.php, (2) edit_cat.php, (3) edit_note.…
|
CWE-89
SQL Injection
|
CVE-2014-10023
|
2024-11-21 11:03 |
2015-01-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
