|
287321
|
- |
|
kennziffer
|
statistics
|
SQL injection vulnerability in the Statistics (ke_stats) extension before 1.1.2 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors, as exploited in the wild i…
|
CWE-89
SQL Injection
|
CVE-2014-6293
|
2024-11-21 11:14 |
2014-10-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287322
|
- |
|
in2code
|
femanager
|
The femanager extension before 1.0.9 for TYPO3 allows remote frontend users to modify or delete the records of other frontend users via unspecified vectors.
|
NVD-CWE-noinfo
|
CVE-2014-6292
|
2024-11-21 11:14 |
2014-10-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287323
|
- |
|
alphabetic_sitemap_project
|
alphabetic_sitemap
|
Cross-site scripting (XSS) vulnerability in the Alphabetic Sitemap (alpha_sitemap) extension 0.0.3 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified…
|
CWE-79
Cross-site Scripting
|
CVE-2014-6291
|
2024-11-21 11:14 |
2014-10-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287324
|
- |
|
news_project
|
news
|
The News (tt_news) extension before 3.5.2 for TYPO3 allows remote attackers to have unspecified impact via vectors related to an "insecure unserialize" issue.
|
CWE-20
Improper Input Validation
|
CVE-2014-6290
|
2024-11-21 11:14 |
2014-10-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287325
|
- |
|
michael_knoll
daniel_lienert
|
tools_for_extbase_developmen
yet_another_gallery
|
The Ajax dispatcher for Extbase in the Yet Another Gallery (yag) extension before 3.0.1 and Tools for Extbase development (pt_extbase) extension before 1.5.1 allows remote attackers to bypass access …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-6289
|
2024-11-21 11:14 |
2014-10-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287326
|
- |
|
alex_kellner
|
powermail
|
The powermail extension 2.x before 2.0.11 for TYPO3 allows remote attackers to bypass the CAPTCHA protection mechanism via unspecified vectors.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-6288
|
2024-11-21 11:14 |
2014-10-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287327
|
- |
|
openstack
canonical
|
neutron
ubuntu_linux
|
OpenStack Neutron before 2014.2.4 and 2014.1 before 2014.1.2 allows remote authenticated users to set admin network attributes to default values via unspecified vectors.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-6414
|
2024-11-21 11:14 |
2014-10-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287328
|
- |
|
tips_and_tricks_hq
|
all_in_one_wordpress_security_and_firewall
|
Multiple SQL injection vulnerabilities in the All In One WP Security & Firewall plugin before 3.8.3 for WordPress allow remote authenticated users to execute arbitrary SQL commands via the (1) orderb…
|
CWE-89
SQL Injection
|
CVE-2014-6242
|
2024-11-21 11:14 |
2014-10-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287329
|
- |
|
restaurantmis
|
restaurant_script
|
Multiple cross-site scripting (XSS) vulnerabilities in register-exec.php in Restaurant Script (PizzaInn_Project) 1.0.0 allow remote attackers to inject arbitrary web script or HTML via the (1) fname,…
|
CWE-79
Cross-site Scripting
|
CVE-2014-6619
|
2024-11-21 11:14 |
2014-10-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287330
|
- |
|
your_online_shop_project
|
your_online_shop
|
Cross-site scripting (XSS) vulnerability in Your Online Shop allows remote attackers to inject arbitrary web script or HTML via the products_id parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2014-6618
|
2024-11-21 11:14 |
2014-10-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
