|
285161
|
- |
|
huawei
|
espace_desktop
|
Multiple untrusted search path vulnerabilities in Huawei eSpace Desktop before V200R003C00 allow local users to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse (1) mfc71en…
|
NVD-CWE-Other
|
CVE-2014-9416
|
2024-11-21 11:20 |
2014-12-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285162
|
- |
|
huawei
|
espace_desktop
|
Huawei eSpace Desktop before V100R001C03 allows local users to cause a denial of service (program exit) via a crafted QES file.
|
CWE-20
Improper Input Validation
|
CVE-2014-9415
|
2024-11-21 11:20 |
2014-12-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285163
|
- |
|
boldgrid
|
w3_total_cache
|
The W3 Total Cache plugin before 0.9.4.1 for WordPress does not properly handle empty nonces, which allows remote attackers to conduct cross-site request forgery (CSRF) attacks and hijack the authent…
|
CWE-352
Origin Validation Error
|
CVE-2014-9414
|
2024-11-21 11:20 |
2014-12-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285164
|
- |
|
ip_ban_project
|
ip_ban
|
Multiple cross-site request forgery (CSRF) vulnerabilities in the IP Ban (simple-ip-ban) plugin 1.2.3 for WordPress allow remote attackers to hijack the authentication of administrators for requests …
|
CWE-352
Origin Validation Error
|
CVE-2014-9413
|
2024-11-21 11:20 |
2014-12-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285165
|
- |
|
bird_feeder_project
|
bird_feeder
|
Multiple cross-site request forgery (CSRF) vulnerabilities in the Bird Feeder plugin 1.2.3 for WordPress allow remote attackers to hijack the authentication of administrators for requests that conduc…
|
CWE-352
Origin Validation Error
|
CVE-2014-9334
|
2024-11-21 11:20 |
2014-12-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285166
|
- |
|
allegrosoft
|
rompager
|
Multiple buffer overflows in AllegroSoft RomPager, as used in Huawei Home Gateway products and other vendors and products, allow remote attackers to cause a denial of service or possibly execute arbi…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-9223
|
2024-11-21 11:20 |
2014-12-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285167
|
- |
|
allegrosoft
|
rompager
|
AllegroSoft RomPager 4.34 and earlier, as used in Huawei Home Gateway products and other vendors and products, allows remote attackers to gain privileges via a crafted cookie that triggers memory cor…
|
CWE-17
Code
|
CVE-2014-9222
|
2024-11-21 11:20 |
2014-12-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285168
|
- |
|
microfocus
|
access_manager
|
Multiple cross-site scripting (XSS) vulnerabilities in NetIQ Access Manager (NAM) 4.x before 4.1 allow remote attackers to inject arbitrary web script or HTML via (1) an arbitrary parameter to roma/j…
|
CWE-79
Cross-site Scripting
|
CVE-2014-9412
|
2024-11-21 11:20 |
2014-12-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285169
|
- |
|
piwigo
|
piwigo
|
SQL injection vulnerability in the rate_picture function in include/functions_rate.inc.php in Piwigo before 2.5.5, 2.6.x before 2.6.4, and 2.7.x before 2.7.2 allows remote attackers to execute arbitr…
|
CWE-89
SQL Injection
|
CVE-2014-9115
|
2024-11-21 11:20 |
2014-12-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285170
|
- |
|
modx
|
modx_revolution
|
Cross-site scripting (XSS) vulnerability in manager/assets/fileapi/FileAPI.flash.image.swf in MODX Revolution 2.3.2-pl allows remote attackers to inject arbitrary web script or HTML via the callback …
|
CWE-79
Cross-site Scripting
|
CVE-2014-8992
|
2024-11-21 11:20 |
2014-12-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
