|
289431
|
- |
|
opendocman
|
opendocman
|
SQL injection vulnerability in ajax_udf.php in OpenDocMan before 1.2.7.2 allows remote attackers to execute arbitrary SQL commands via the add_value parameter.
|
CWE-89
SQL Injection
|
CVE-2014-1945
|
2024-11-21 11:05 |
2014-03-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289432
|
- |
|
ilch
|
ilch_cms
|
Cross-site scripting (XSS) vulnerability in Ilch CMS 2.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the text parameter to index.php/guestbook/index/newentry.
|
CWE-79
Cross-site Scripting
|
CVE-2014-1944
|
2024-11-21 11:05 |
2014-03-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289433
|
- |
|
gnu
|
gnutls
|
lib/x509/verify.c in GnuTLS before 3.1.21 and 3.2.x before 3.2.11 treats version 1 X.509 certificates as intermediate CAs, which allows remote attackers to bypass intended restrictions by leveraging …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-1959
|
2024-11-21 11:05 |
2014-03-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289434
|
- |
|
videowhisper
|
live_streaming_integration_plugin
|
Multiple directory traversal vulnerabilities in the VideoWhisper Live Streaming Integration plugin before 4.29.5 for WordPress allow remote attackers to (1) read arbitrary files via a .. (dot dot) in…
|
CWE-22
Path Traversal
|
CVE-2014-1907
|
2024-11-21 11:05 |
2014-03-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289435
|
- |
|
videowhisper
|
live_streaming_integration_plugin
|
Multiple cross-site scripting (XSS) vulnerabilities in the VideoWhisper Live Streaming Integration plugin before 4.29.5 for WordPress allow remote attackers to inject arbitrary web script or HTML via…
|
CWE-79
Cross-site Scripting
|
CVE-2014-1906
|
2024-11-21 11:05 |
2014-03-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289436
|
- |
|
foscam
|
fi8919w_firmware
fi8919w
|
The Foscam FI8910W camera with firmware before 11.37.2.55 allows remote attackers to obtain sensitive video and image data via a blank username and password.
|
CWE-287
Improper Authentication
|
CVE-2014-1911
|
2024-11-21 11:05 |
2014-03-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289437
|
- |
|
cmsmadesimple
|
cms_made_simple
|
SQL injection vulnerability in the News module in CMS Made Simple (CMSMS) before 1.11.10 allows remote authenticated users with the "Modify News" permission to execute arbitrary SQL commands via the …
|
CWE-89
SQL Injection
|
CVE-2014-2245
|
2024-11-21 11:05 |
2014-03-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289438
|
- |
|
mantisbt
|
mantisbt
|
SQL injection vulnerability in the manage configuration page (adm_config_report.php) in MantisBT 1.2.13 through 1.2.16 allows remote authenticated administrators to execute arbitrary SQL commands via…
|
CWE-89
SQL Injection
|
CVE-2014-2238
|
2024-11-21 11:05 |
2014-03-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289439
|
- |
|
askbot
|
askbot
|
Cross-site scripting (XSS) vulnerability in Askbot before 0.7.49 allows remote attackers to inject arbitrary web script or HTML via vectors related to the question search form.
|
CWE-79
Cross-site Scripting
|
CVE-2014-2235
|
2024-11-21 11:05 |
2014-03-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289440
|
- |
|
askbot
|
askbot
|
Multiple cross-site scripting (XSS) vulnerabilities in Askbot before 0.7.49 allow remote attackers to inject arbitrary web script or HTML via vectors related to the (1) tag or (2) user search forms.
|
CWE-79
Cross-site Scripting
|
CVE-2014-2236
|
2024-11-21 11:05 |
2014-03-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
