|
287151
|
- |
|
egroupware
|
egroupware
|
EGroupware Enterprise Line (EPL) before 1.1.20140505, EGroupware Community Edition before 1.8.007.20140506, and EGroupware before 14.1 beta allows remote authenticated administrators to execute arbit…
|
CWE-94
Code Injection
|
CVE-2014-2988
|
2024-11-21 11:07 |
2014-10-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287152
|
- |
|
egroupware
|
egroupware
|
Multiple cross-site request forgery (CSRF) vulnerabilities in EGroupware Enterprise Line (EPL) before 1.1.20140505, EGroupware Community Edition before 1.8.007.20140506, and EGroupware before 14.1 be…
|
CWE-352
Origin Validation Error
|
CVE-2014-2987
|
2024-11-21 11:07 |
2014-10-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287153
|
- |
|
bottlepy
|
bottle
|
Bottle 0.10.x before 0.10.12, 0.11.x before 0.11.7, and 0.12.x before 0.12.6 does not properly limit content types, which allows remote attackers to bypass intended access restrictions via an accepte…
|
CWE-20
Improper Input Validation
|
CVE-2014-3137
|
2024-11-21 11:07 |
2014-10-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287154
|
- |
|
fogproject
|
fog
|
Multiple cross-site scripting (XSS) vulnerabilities in FOG 0.27 through 0.32 allow remote authenticated users to inject arbitrary web script or HTML via the (1) Printer Model field to the Printer Man…
|
CWE-79
Cross-site Scripting
|
CVE-2014-3111
|
2024-11-21 11:07 |
2014-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287155
|
- |
|
cisco
|
asyncos
|
The ZIP inspection engine in Cisco AsyncOS 8.5 and earlier on the Cisco Email Security Appliance (ESA) does not properly analyze ZIP archives, which allows remote attackers to bypass malware filterin…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-3381
|
2024-11-21 11:07 |
2014-10-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287156
|
- |
|
cisco
|
telepresence_video_communication_server_software
expressway_software
|
Cisco TelePresence Video Communication Server (VCS) and Expressway Software before X8.1.1 allow remote attackers to cause a denial of service (device reload) via crafted SIP packets, aka Bug IDs CSCu…
|
CWE-399
Resource Management Errors
|
CVE-2014-3370
|
2024-11-21 11:07 |
2014-10-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287157
|
- |
|
cisco
|
expressway_software
telepresence_video_communication_server_software
|
The SIP IX implementation in Cisco TelePresence Video Communication Server (VCS) and Expressway Software before X8.1.1 allows remote attackers to cause a denial of service (device reload) via crafted…
|
CWE-399
Resource Management Errors
|
CVE-2014-3369
|
2024-11-21 11:07 |
2014-10-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287158
|
- |
|
cisco
|
telepresence_video_communication_server_software
expressway_software
|
Cisco TelePresence Video Communication Server (VCS) and Expressway Software before X8.2 allow remote attackers to cause a denial of service (device reload) via a high rate of crafted packets, aka Bug…
|
CWE-399
Resource Management Errors
|
CVE-2014-3368
|
2024-11-21 11:07 |
2014-10-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287159
|
- |
|
ibm
|
websphere_application_server
|
IBM WebSphere Application Server (WAS) 7.0 before 7.0.0.35, 8.0 before 8.0.0.10, and 8.5 before 8.5.5.4 does not properly handle HTTP headers, which allows remote attackers to obtain sensitive cookie…
|
CWE-20
Improper Input Validation
|
CVE-2014-3021
|
2024-11-21 11:07 |
2014-10-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287160
|
- |
|
twitget_project
|
twitget
|
Multiple cross-site scripting (XSS) vulnerabilities in twitget.php in the Twitget plugin before 3.3.3 for WordPress allow remote authenticated administrators to inject arbitrary web script or HTML vi…
|
CWE-79
Cross-site Scripting
|
CVE-2014-2995
|
2024-11-21 11:07 |
2014-10-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
