257771
|
- |
|
algosec
|
firewall_analyzer
|
Cross-site scripting (XSS) vulnerability in BusinessFlow/login in AlgoSec Firewall Analyzer 6.4 allows remote attackers to inject arbitrary web script or HTML via the message parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2013-7318
|
2014-08-6 22:04 |
2014-01-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
257772
|
- |
|
adobe
|
adobe_air adobe_air_sdk flash_player
|
Adobe Flash Player before 13.0.0.231 and 14.x before 14.0.0.145 on Windows and OS X and before 11.2.202.394 on Linux, Adobe AIR before 14.0.0.137 on Android, Adobe AIR SDK before 14.0.0.137, and Adob…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-0539
|
2014-08-5 23:17 |
2014-07-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
257773
|
- |
|
adobe
|
adobe_air_sdk flash_player adobe_air
|
Adobe Flash Player before 13.0.0.231 and 14.x before 14.0.0.145 on Windows and OS X and before 11.2.202.394 on Linux, Adobe AIR before 14.0.0.137 on Android, Adobe AIR SDK before 14.0.0.137, and Adob…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-0537
|
2014-08-5 23:16 |
2014-07-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
257774
|
- |
|
neo4j
|
neo4j
|
Multiple cross-site request forgery (CSRF) vulnerabilities in Neo4J 1.9.2 allow remote attackers to hijack the authentication of administrators for requests that execute arbitrary code, as demonstrat…
|
CWE-78 CWE-352
OS Command Origin Validation Error
|
CVE-2013-7259
|
2014-08-5 06:42 |
2014-04-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
257775
|
- |
|
php-fusion
|
php-fusion
|
Multiple cross-site scripting (XSS) vulnerabilities in PHP-Fusion before 7.02.06 allow remote attackers to inject arbitrary web script or HTML via the (1) highlight parameter to forum/viewthread.php;…
|
CWE-79
Cross-site Scripting
|
CVE-2013-1804
|
2014-08-5 06:41 |
2014-04-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
257776
|
- |
|
ibm
|
scale_out_network_attached_storage
|
IBM Scale Out Network Attached Storage (SONAS) 1.3.x and 1.4.x before 1.4.3.3 places an administrative password in the shell history upon use of the -p option to chuser, which allows local users to o…
|
CWE-200
Information Exposure
|
CVE-2014-3045
|
2014-08-5 04:05 |
2014-07-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
257777
|
- |
|
cybozu
|
garoon
|
The CGI component in Cybozu Garoon 3.1.0 through 3.7 SP3 allows remote attackers to execute arbitrary commands via unspecified vectors.
|
CWE-78
OS Command
|
CVE-2014-1987
|
2014-08-5 04:00 |
2014-07-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
257778
|
- |
|
cybozu
|
garoon
|
The Portlets subsystem in Cybozu Garoon 2.x and 3.x before 3.7 SP4 allows remote authenticated users to bypass intended access restrictions via unspecified vectors.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-1993
|
2014-08-5 03:38 |
2014-07-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
257779
|
- |
|
cybozu
|
garoon
|
Cybozu Garoon 3.7 before SP4 allows remote authenticated users to bypass intended access restrictions, and execute arbitrary code or cause a denial of service, via an API call.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-1996
|
2014-08-5 01:54 |
2014-07-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
257780
|
- |
|
fuelphp
|
fuelphp
|
The auto-format feature in the Request_Curl class in FuelPHP 1.1 through 1.7.1 allows remote attackers to execute arbitrary code via a crafted response.
|
CWE-94
Code Injection
|
CVE-2014-1999
|
2014-08-5 01:27 |
2014-07-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|