|
293081
|
- |
|
ecava
|
integraxor
|
The SCADA server in Ecava IntegraXor before 4.1.4369 allows remote attackers to read arbitrary project backup files via a crafted URL.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-0752
|
2024-11-21 11:02 |
2014-01-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293082
|
- |
|
cisco
|
unified_communications_manager
|
The administration portal in Cisco Unified Communications Manager (Unified CM) 9.1(1) and earlier does not properly handle role restrictions, which allows remote authenticated users to bypass role-ba…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-0657
|
2024-11-21 11:02 |
2014-01-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293083
|
- |
|
cisco
|
context_directory_agent
|
Cisco Context Directory Agent (CDA) allows remote authenticated users to trigger the omission of certain user-interface data via crafted field values, aka Bug ID CSCuj45353.
|
CWE-20
Improper Input Validation
|
CVE-2014-0656
|
2024-11-21 11:02 |
2014-01-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293084
|
- |
|
cisco
|
adaptive_security_appliance
|
The Identity Firewall (IDFW) functionality in Cisco Adaptive Security Appliance (ASA) Software allows remote attackers to change the user-cache contents via a replay attack involving crafted RADIUS C…
|
CWE-20
Improper Input Validation
|
CVE-2014-0655
|
2024-11-21 11:02 |
2014-01-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293085
|
- |
|
cisco
|
context_directory_agent
|
Cisco Context Directory Agent (CDA) allows remote attackers to modify the cache via a replay attack involving crafted RADIUS accounting messages, aka Bug ID CSCuj45383.
|
CWE-20
Improper Input Validation
|
CVE-2014-0654
|
2024-11-21 11:02 |
2014-01-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293086
|
- |
|
cisco
|
adaptive_security_appliance
|
The Identity Firewall (IDFW) functionality in Cisco Adaptive Security Appliance (ASA) Software allows remote attackers to trigger authentication-state modifications via a crafted NetBIOS logout probe…
|
CWE-20
Improper Input Validation
|
CVE-2014-0653
|
2024-11-21 11:02 |
2014-01-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293087
|
- |
|
cisco
|
context_directory_agent
|
Cross-site scripting (XSS) vulnerability in the Mappings page in Cisco Context Directory Agent (CDA) allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug ID CSCuj…
|
CWE-79
Cross-site Scripting
|
CVE-2014-0652
|
2024-11-21 11:02 |
2014-01-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293088
|
- |
|
cisco
|
context_directory_agent
|
The administrative interface in Cisco Context Directory Agent (CDA) does not properly enforce authorization requirements, which allows remote authenticated users to obtain administrative access by hi…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-0651
|
2024-11-21 11:02 |
2014-01-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293089
|
- |
|
technicolor
|
tc7200_firmware
tc7200
|
Multiple cross-site request forgery (CSRF) vulnerabilities in Technicolor (formerly Thomson) TC7200 STD6.01.12 allow remote attackers to hijack the authentication of administrators for requests that …
|
CWE-352
Origin Validation Error
|
CVE-2014-0621
|
2024-11-21 11:02 |
2014-01-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293090
|
- |
|
technicolor
|
tc7200_firmware
tc7200
|
Multiple cross-site scripting (XSS) vulnerabilities in Technicolor (formerly Thomson) TC7200 STD6.01.12 allow remote attackers to inject arbitrary web script or HTML via the (1) ADDNewDomain paramete…
|
CWE-79
Cross-site Scripting
|
CVE-2014-0620
|
2024-11-21 11:02 |
2014-01-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
