|
287401
|
- |
|
ibm
|
websphere_portal
|
IBM WebSphere Portal 8.0.0 before 8.0.0.1 CF13 and 8.5.0 through CF01 provides different error codes for firewall-traversal requests depending on whether the intranet host exists, which allows remote…
|
CWE-200
Information Exposure
|
CVE-2014-4746
|
2024-11-21 11:10 |
2014-08-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287402
|
- |
|
ibm
|
content_collector
|
The Outlook Extension in IBM Content Collector 4.0.0.x before 4.0.0.0-ICC-OE-IF004 allows local users to bypass the intended Reviewer privilege requirement and read e-mail messages from an arbitrary …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-4757
|
2024-11-21 11:10 |
2014-08-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287403
|
- |
|
embarcadero
|
er\/studio_data_architect
|
Stack-based buffer overflow in the loadExtensionFactory method in the TSVisualization ActiveX control in Embarcadero ER/Studio Data Architect allows remote attackers to execute arbitrary code via uns…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-4647
|
2024-11-21 11:10 |
2014-08-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287404
|
- |
|
aas9
|
zerocms
|
Cross-site scripting (XSS) vulnerability in zero_user_account.php in ZeroCMS 1.0 allows remote attackers to inject arbitrary web script or HTML via the Full Name field.
|
CWE-79
Cross-site Scripting
|
CVE-2014-4710
|
2024-11-21 11:10 |
2014-07-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287405
|
- |
|
mailpoet
|
mailpoet_newsletters
|
Unspecified vulnerability in the MailPoet Newsletters (wysija-newsletters) plugin before 2.6.8 for WordPress has unspecified impact and attack vectors.
|
NVD-CWE-noinfo
|
CVE-2014-4726
|
2024-11-21 11:10 |
2014-07-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287406
|
- |
|
mailpoet
|
mailpoet_newsletters
|
The MailPoet Newsletters (wysija-newsletters) plugin before 2.6.7 for WordPress allows remote attackers to bypass authentication and execute arbitrary PHP code by uploading a crafted theme using wp-a…
|
CWE-287
Improper Authentication
|
CVE-2014-4725
|
2024-11-21 11:10 |
2014-07-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287407
|
- |
|
gurock
|
testrail
|
Cross-site scripting (XSS) vulnerability in Gurock TestRail before 3.1.3 allows remote attackers to inject arbitrary web script or HTML via the Created By field in a project activity.
|
CWE-79
Cross-site Scripting
|
CVE-2014-4857
|
2024-11-21 11:10 |
2014-07-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287408
|
- |
|
ibm
|
sametime
|
Cross-site scripting (XSS) vulnerability in the Classic Meeting Server in IBM Sametime 8.x through 8.5.2.1 allows remote attackers to inject arbitrary web script or HTML via a crafted URL.
|
CWE-79
Cross-site Scripting
|
CVE-2014-4748
|
2024-11-21 11:10 |
2014-07-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287409
|
- |
|
ibm
|
sametime
|
The Classic Meeting Server in IBM Sametime 8.x through 8.5.2.1 allows physically proximate attackers to discover a meeting password hash by leveraging access to an unattended workstation to read HTML…
|
CWE-200
Information Exposure
|
CVE-2014-4747
|
2024-11-21 11:10 |
2014-07-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287410
|
- |
|
blogengine
|
e2
|
SQL injection vulnerability in E2 before 2.4 (2845) allows remote attackers to execute arbitrary SQL commands via the note-id parameter to @actions/comment-process.
|
CWE-89
SQL Injection
|
CVE-2014-4736
|
2024-11-21 11:10 |
2014-07-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
