|
285271
|
- |
|
reality66
|
cart66_lite
|
SQL injection vulnerability in the shortcodeProductsTable function in models/Cart66Ajax.php in the Cart66 Lite plugin before 1.5.2 for WordPress allows remote authenticated users to execute arbitrary…
|
CWE-89
SQL Injection
|
CVE-2014-9305
|
2024-11-21 11:20 |
2014-12-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285272
|
- |
|
mantisbt
|
mantisbt
|
The current_user_get_bug_filter function in core/current_user_api.php in MantisBT before 1.2.18 allows remote attackers to execute arbitrary PHP code via the filter parameter.
|
CWE-94
Code Injection
|
CVE-2014-9280
|
2024-11-21 11:20 |
2014-12-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285273
|
- |
|
mantisbt
|
mantisbt
|
The print_test_result function in admin/upgrade_unattended.php in MantisBT 1.1.0a3 through 1.2.x before 1.2.18 allows remote attackers to obtain database credentials via a URL in the hostname paramet…
|
CWE-200
Information Exposure
|
CVE-2014-9279
|
2024-11-21 11:20 |
2014-12-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285274
|
- |
|
opensuse
redhat
debian
|
opensuse
enterprise_linux_desktop
enterprise_linux_workstation
enterprise_linux_server
enterprise_linux_hpc_node
hivex
|
lib/handle.c in Hivex before 1.3.11 allows local users to execute arbitrary code and gain privileges via a small hive files, which triggers an out-of-bounds read or write.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-9273
|
2024-11-21 11:20 |
2014-12-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285275
|
- |
|
mantisbt
|
mantisbt
|
Cross-site scripting (XSS) vulnerability in the projax_array_serialize_for_autocomplete function in core/projax_api.php in MantisBT 1.1.0a3 through 1.2.17 allows remote attackers to inject arbitrary …
|
CWE-79
Cross-site Scripting
|
CVE-2014-9270
|
2024-11-21 11:20 |
2014-12-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285276
|
- |
|
autodesk
|
design_review
|
The AdView.AdViewer.1 ActiveX control in Autodesk Design Review (ADR) before 2013 Hotfix 1 allows remote attackers to execute arbitrary code via a crafted DWF file.
|
CWE-20
Improper Input Validation
|
CVE-2014-9268
|
2024-11-21 11:20 |
2014-12-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285277
|
- |
|
ptc
|
isoview
|
Heap-based buffer overflow in the PTC IsoView ActiveX control allows remote attackers to execute arbitrary code via a crafted ViewPort property value.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-9267
|
2024-11-21 11:20 |
2014-12-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285278
|
- |
|
samsung
|
smart_viewer
|
The STWConfig ActiveX control in Samsung SmartViewer does not properly initialize a variable, which allows remote attackers to execute arbitrary code via unspecified vectors.
|
CWE-94
Code Injection
|
CVE-2014-9266
|
2024-11-21 11:20 |
2014-12-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285279
|
- |
|
samsung
|
smartviewer
|
Stack-based buffer overflow in the BackupToAvi method in the CNC_Ctrl ActiveX control in Samsung SmartViewer allows remote attackers to execute arbitrary code via unspecified vectors.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-9265
|
2024-11-21 11:20 |
2014-12-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285280
|
- |
|
3s_pocketnet_tech
|
3s_pocketnet_tech_video_management_software
|
Multiple buffer overflows in the PocketNetNVRMediaClientAxCtrl.NVRMediaViewer.1 control in 3S Pocketnet Tech VMS allow remote attackers to execute arbitrary code via a crafted string to the (1) Start…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-9263
|
2024-11-21 11:20 |
2014-12-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
