|
285211
|
- |
|
deliciousdays
|
cformsii
|
Unrestricted file upload vulnerability in lib_nonajax.php in the CformsII plugin 14.7 and earlier for WordPress allows remote attackers to execute arbitrary code by uploading a file with an executabl…
|
NVD-CWE-Other
|
CVE-2014-9473
|
2024-11-21 11:20 |
2015-01-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285212
|
- |
|
strongswan
opensuse
canonical
fedoraproject
debian
|
strongswan
opensuse
ubuntu_linux
fedora
debian_linux
|
strongSwan 4.5.x through 5.2.x before 5.2.1 allows remote attackers to cause a denial of service (invalid pointer dereference) via a crafted IKEv2 Key Exchange (KE) message with Diffie-Hellman (DH) g…
|
CWE-19
Data Processing Errors
|
CVE-2014-9221
|
2024-11-21 11:20 |
2015-01-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285213
|
- |
|
open-xchange
|
open-xchange_appsuite
|
Cross-site scripting (XSS) vulnerability in the backend in Open-Xchange (OX) AppSuite before 7.4.2-rev40, 7.6.0 before 7.6.0-rev32, and 7.6.1 before 7.6.1-rev11 allows remote attackers to inject arbi…
|
CWE-79
Cross-site Scripting
|
CVE-2014-8993
|
2024-11-21 11:20 |
2015-01-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285214
|
- |
|
sonatype
|
nexus
|
Directory traversal vulnerability in Sonatype Nexus OSS and Pro before 2.11.1-01 allows remote attackers to read or write to arbitrary files via unspecified vectors.
|
CWE-22
Path Traversal
|
CVE-2014-9389
|
2024-11-21 11:20 |
2015-01-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285215
|
- |
|
mediawiki
|
mediawiki
|
The wfMangleFlashPolicy function in OutputHandler.php in MediaWiki before 1.19.22, 1.20.x through 1.22.x before 1.22.14, and 1.23.x before 1.23.7 allows remote attackers to conduct PHP object injecti…
|
CWE-77
Command Injection
|
CVE-2014-9277
|
2024-11-21 11:20 |
2015-01-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285216
|
- |
|
mediawiki
|
mediawiki
|
Cross-site request forgery (CSRF) vulnerability in the Special:ExpandedTemplates page in MediaWiki before 1.19.22, 1.20.x through 1.22.x before 1.22.14, and 1.23.x before 1.23.7, when $wgRawHTML is s…
|
CWE-352
Origin Validation Error
|
CVE-2014-9276
|
2024-11-21 11:20 |
2015-01-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285217
|
- |
|
microweber
|
microweber
|
SQL injection vulnerability in Category.php in Microweber CMS 0.95 before 20141209 allows remote attackers to execute arbitrary SQL commands via the category parameter when displaying a category, rel…
|
CWE-89
SQL Injection
|
CVE-2014-9464
|
2024-11-21 11:20 |
2015-01-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285218
|
- |
|
php
|
php
|
sapi/cgi/cgi_main.c in the CGI component in PHP through 5.4.36, 5.5.x through 5.5.20, and 5.6.x through 5.6.4, when mmap is used to read a .php file, does not properly consider the mapping's length d…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-9427
|
2024-11-21 11:20 |
2015-01-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285219
|
- |
|
reality66
|
cart66_lite
|
Directory traversal vulnerability in models/Cart66.php in the Cart66 Lite plugin before 1.5.4 for WordPress allows remote authenticated users to read arbitrary files via a .. (dot dot) in the member_…
|
CWE-22
Path Traversal
|
CVE-2014-9461
|
2024-11-21 11:20 |
2015-01-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285220
|
- |
|
linux
|
linux_kernel
|
The batadv_frag_merge_packets function in net/batman-adv/fragmentation.c in the B.A.T.M.A.N. implementation in the Linux kernel through 3.18.1 uses an incorrect length field during a calculation of a…
|
CWE-399
Resource Management Errors
|
CVE-2014-9428
|
2024-11-21 11:20 |
2015-01-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
