|
284491
|
- |
|
wpeasycart
|
wp_easycart
|
Unrestricted file upload vulnerability in inc/amfphp/administration/banneruploaderscript.php in the WP EasyCart (aka WordPress Shopping Cart) plugin before 3.0.9 allows remote authenticated users to …
|
NVD-CWE-Other
|
CVE-2014-9308
|
2024-11-21 11:20 |
2015-01-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284492
|
- |
|
codewrights
|
hart_device_type_manager
|
The CodeWrights HART Device Type Manager (DTM) library in Emerson HART DTM before 1.4.181 allows physically proximate attackers to cause a denial of service (DTM outage and FDT Frame application hang…
|
CWE-399
Resource Management Errors
|
CVE-2014-9191
|
2024-11-21 11:20 |
2015-01-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284493
|
- |
|
schneider-electric
|
wonderware_intouch_access_anywhere_server
|
Stack-based buffer overflow in Schneider Electric Wonderware InTouch Access Anywhere Server 10.6 and 11.0 allows remote attackers to execute arbitrary code via a request for a filename that does not …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-9190
|
2024-11-21 11:20 |
2015-01-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284494
|
- |
|
debian
mantisbt
|
debian_linux
mantisbt
|
The string_insert_href function in MantisBT 1.2.0a1 through 1.2.x before 1.2.18 does not properly validate the URL protocol, which allows remote attackers to conduct cross-site scripting (XSS) attack…
|
CWE-79
Cross-site Scripting
|
CVE-2014-9272
|
2024-11-21 11:20 |
2015-01-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284495
|
5.4 |
MEDIUM
Network
|
debian
mantisbt
|
debian_linux
mantisbt
|
Cross-site scripting (XSS) vulnerability in file_download.php in MantisBT before 1.2.18 allows remote authenticated users to inject arbitrary web script or HTML via a Flash file with an image extensi…
|
CWE-79
Cross-site Scripting
|
CVE-2014-9271
|
2024-11-21 11:20 |
2015-01-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284496
|
- |
|
mantisbt
debian
|
mantisbt
debian_linux
|
Cross-site scripting (XSS) vulnerability in helper_api.php in MantisBT 1.1.0a1 through 1.2.x before 1.2.18, when Extended project browser is enabled, allows remote attackers to inject arbitrary web s…
|
CWE-79
Cross-site Scripting
|
CVE-2014-9269
|
2024-11-21 11:20 |
2015-01-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284497
|
- |
|
deliciousdays
|
cformsii
|
Unrestricted file upload vulnerability in lib_nonajax.php in the CformsII plugin 14.7 and earlier for WordPress allows remote attackers to execute arbitrary code by uploading a file with an executabl…
|
NVD-CWE-Other
|
CVE-2014-9473
|
2024-11-21 11:20 |
2015-01-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284498
|
- |
|
strongswan
opensuse
canonical
fedoraproject
debian
|
strongswan
opensuse
ubuntu_linux
fedora
debian_linux
|
strongSwan 4.5.x through 5.2.x before 5.2.1 allows remote attackers to cause a denial of service (invalid pointer dereference) via a crafted IKEv2 Key Exchange (KE) message with Diffie-Hellman (DH) g…
|
CWE-19
Data Processing Errors
|
CVE-2014-9221
|
2024-11-21 11:20 |
2015-01-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284499
|
- |
|
open-xchange
|
open-xchange_appsuite
|
Cross-site scripting (XSS) vulnerability in the backend in Open-Xchange (OX) AppSuite before 7.4.2-rev40, 7.6.0 before 7.6.0-rev32, and 7.6.1 before 7.6.1-rev11 allows remote attackers to inject arbi…
|
CWE-79
Cross-site Scripting
|
CVE-2014-8993
|
2024-11-21 11:20 |
2015-01-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284500
|
- |
|
sonatype
|
nexus
|
Directory traversal vulnerability in Sonatype Nexus OSS and Pro before 2.11.1-01 allows remote attackers to read or write to arbitrary files via unspecified vectors.
|
CWE-22
Path Traversal
|
CVE-2014-9389
|
2024-11-21 11:20 |
2015-01-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
