|
257741
|
- |
|
webidsupport
|
webid
|
Multiple cross-site scripting (XSS) vulnerabilities in WeBid 1.1.1 allow remote attackers to inject arbitrary web script or HTML via the (1) TPL_name, (2) TPL_nick, (3) TPL_email, (4) TPL_year, (5) T…
|
CWE-79
Cross-site Scripting
|
CVE-2014-5101
|
2014-08-5 00:29 |
2014-07-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257742
|
- |
|
innominate
|
mguard_firmware
|
Innominate mGuard before 7.6.4 and 8.x before 8.0.3 does not require authentication for snapshot downloads, which allows remote attackers to obtain sensitive information via a crafted HTTPS request.
|
CWE-200
Information Exposure
|
CVE-2014-2356
|
2014-08-5 00:19 |
2014-07-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257743
|
- |
|
yealink
|
sip-t38g
|
cgi-bin/cgiServer.exx in Yealink VoIP Phone SIP-T38G allows remote authenticated users to execute arbitrary commands by calling the system method in the body of a request, as demonstrated by running …
|
CWE-78
OS Command
|
CVE-2013-5758
|
2014-08-4 23:13 |
2014-08-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257744
|
- |
|
yealink
|
sip-t38g
|
Absolute path traversal vulnerability in Yealink VoIP Phone SIP-T38G allows remote authenticated users to read arbitrary files via a full pathname in the dumpConfigFile function in the command parame…
|
CWE-22
Path Traversal
|
CVE-2013-5757
|
2014-08-4 23:10 |
2014-08-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257745
|
- |
|
yealink
|
sip-t38g
|
Directory traversal vulnerability in Yealink VoIP Phone SIP-T38G allows remote authenticated users to read arbitrary files via a .. (dot dot) in the page parameter to cgi-bin/cgiServer.exx.
|
CWE-22
Path Traversal
|
CVE-2013-5756
|
2014-08-4 23:08 |
2014-08-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257746
|
- |
|
vitamin_plugin_project
|
vitamin
|
Multiple directory traversal vulnerabilities in the Vitamin plugin before 1.1.0 for WordPress allow remote attackers to access arbitrary files via a .. (dot dot) in the path parameter to (1) add_head…
|
CWE-22
Path Traversal
|
CVE-2012-6651
|
2014-08-1 23:07 |
2014-07-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257747
|
- |
|
juniper
|
junos
srx100
srx110
srx1400
srx210
srx220
srx240
srx3400
srx3600
srx550
srx5600
srx5800
srx650
|
Juniper Junos 11.4 before 11.4R12, 12.1X44 before 12.1X44-D32, 12.1X45 before 12.1X45-D25, 12.1X46 before 12.1X46-D20, and 12.1X47 before 12.1X47-D10 on SRX Series devices, when NAT protocol translat…
|
CWE-20
Improper Input Validation
|
CVE-2014-3817
|
2014-08-1 14:09 |
2014-07-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257748
|
- |
|
homepage_decorator_perlmailer_project
|
homepage_decorator_perlmailer
|
Cross-site scripting (XSS) vulnerability in Homepage Decorator PerlMailer 3.10 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2014-3897
|
2014-07-31 04:03 |
2014-07-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257749
|
- |
|
iodata
|
ts-wlcam\/v_camera_firmware
ts-wlcam\/v_camera
ts-wptcam_camera_firmware
ts-wptcam_camera
ts-wlcam_camera_firmware
ts-wlcam_camera
ts-ptcam\/poe_camera_firmware
ts-ptcam\/poe_cam…
|
The I-O DATA TS-WLCAM camera with firmware 1.06 and earlier, TS-WLCAM/V camera with firmware 1.06 and earlier, TS-WPTCAM camera with firmware 1.08 and earlier, TS-PTCAM camera with firmware 1.08 and …
|
CWE-287
Improper Authentication
|
CVE-2014-3895
|
2014-07-31 03:48 |
2014-07-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257750
|
- |
|
iodata
|
ts-wlcam\/v_camera_firmware
ts-wlcam\/v_camera
ts-wptcam_camera_firmware
ts-wptcam_camera
ts-wlcam_camera_firmware
ts-wlcam_camera
ts-ptcam\/poe_camera_firmware
ts-ptcam\/poe_cam…
|
Per: http://jvn.jp/en/jp/JVN94592501/index.html
"Products Affected
TS-WLCAM firmware version 1.06 and earlier
TS-WLCAM/V firmware version 1.06 and earlier
TS-WPTCAM firmware version 1.0…
|
CWE-287
Improper Authentication
|
CVE-2014-3895
|
2014-07-31 03:48 |
2014-07-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
