|
286181
|
- |
|
zillionmuslims
|
zillion_muslims
|
The Zillion Muslims (aka com.zillionmuslims.src) application 1.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain …
|
CWE-310
Cryptographic Issues
|
CVE-2014-7789
|
2024-11-21 11:18 |
2014-10-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
286182
|
- |
|
os4ed
|
opensis
|
SQL injection vulnerability in openSIS 4.5 through 5.3 allows remote attackers to execute arbitrary SQL commands via the Username and password to index.php.
|
CWE-89
SQL Injection
|
CVE-2014-8366
|
2024-11-21 11:18 |
2014-10-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
286183
|
- |
|
xornic
|
contact_us
|
Multiple cross-site scripting (XSS) vulnerabilities in Xornic Contact Us allow remote attackers to inject arbitrary web script or HTML via the (1) name or (2) email parameter to contact.php or (3) PA…
|
CWE-79
Cross-site Scripting
|
CVE-2014-8365
|
2024-11-21 11:18 |
2014-10-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
286184
|
- |
|
tim_rohrer
|
wordpress_spreadsheet_plugin
|
Cross-site scripting (XSS) vulnerability in ss_handler.php in the WordPress Spreadsheet (wpSS) plugin 0.62 for WordPress allows remote attackers to inject arbitrary web script or HTML via the ss_id p…
|
CWE-79
Cross-site Scripting
|
CVE-2014-8364
|
2024-11-21 11:18 |
2014-10-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
286185
|
- |
|
wordpress_spreadsheet_project
|
wordpress_spreadsheet
|
SQL injection vulnerability in ss_handler.php in the WordPress Spreadsheet (wpSS) plugin 0.62 for WordPress allows remote attackers to execute arbitrary SQL commands via the ss_id parameter.
|
CWE-89
SQL Injection
|
CVE-2014-8363
|
2024-11-21 11:18 |
2014-10-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
286186
|
- |
|
huawei
|
e3276_firmware
e3236_firmware
|
Multiple cross-site request forgery (CSRF) vulnerabilities in Huawei HiLink E3236 before E3276sTCPU-V200R002B470D13SP00C00 and E3276sWebUI-V100R007B100D03SP01C03 and E3276 before E3236sTCPU-V200R002B…
|
CWE-352
Origin Validation Error
|
CVE-2014-8331
|
2024-11-21 11:18 |
2014-10-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
286187
|
- |
|
espocrm
|
espocrm
|
Cross-site scripting (XSS) vulnerability in EspoCRM allows remote authenticated users to inject arbitrary web script or HTML via the Name field in a new account.
|
CWE-79
Cross-site Scripting
|
CVE-2014-8330
|
2024-11-21 11:18 |
2014-10-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
286188
|
- |
|
schrack
|
technik_microcontrol_firmware
technik_microcontrol
|
Schrack Technik microControl with firmware before 1.7.0 (937) stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain access data for…
|
CWE-287
Improper Authentication
|
CVE-2014-8329
|
2024-11-21 11:18 |
2014-10-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
286189
|
- |
|
-
|
-
|
Cross-site request forgery (CSRF) vulnerability in HP System Management Homepage (SMH) before 3.2.3 on HP-UX B.11.23, and before 3.2.8 on HP-UX B.11.31, allows remote attackers to hijack the authenti…
|
CWE-352
Origin Validation Error
|
CVE-2014-7874
|
2024-11-21 11:18 |
2014-10-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
286190
|
- |
|
foxitsoftware
|
foxit_pdf_sdk_activex
|
Buffer overflow in the SetLogFile method in Foxit.FoxitPDFSDKProCtrl.5 in Foxit PDF SDK ActiveX 2.3 through 5.0.1820 before 5.0.2.924 allows remote attackers to execute arbitrary code via a long stri…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-8074
|
2024-11-21 11:18 |
2014-10-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
