257781
|
- |
|
php_kobo
|
multifunctional_mailform_free
|
Cross-site scripting (XSS) vulnerability in PHP Kobo Multifunctional MailForm Free 2014/1/28 and earlier allows remote attackers to inject arbitrary web script or HTML via an HTTP Referer header.
|
CWE-79
Cross-site Scripting
|
CVE-2014-3894
|
2014-08-5 01:06 |
2014-07-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
257782
|
- |
|
webidsupport
|
webid
|
Multiple cross-site scripting (XSS) vulnerabilities in WeBid 1.1.1 allow remote attackers to inject arbitrary web script or HTML via the (1) TPL_name, (2) TPL_nick, (3) TPL_email, (4) TPL_year, (5) T…
|
CWE-79
Cross-site Scripting
|
CVE-2014-5101
|
2014-08-5 00:29 |
2014-07-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
257783
|
- |
|
innominate
|
mguard_firmware
|
Innominate mGuard before 7.6.4 and 8.x before 8.0.3 does not require authentication for snapshot downloads, which allows remote attackers to obtain sensitive information via a crafted HTTPS request.
|
CWE-200
Information Exposure
|
CVE-2014-2356
|
2014-08-5 00:19 |
2014-07-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
257784
|
- |
|
yealink
|
sip-t38g
|
cgi-bin/cgiServer.exx in Yealink VoIP Phone SIP-T38G allows remote authenticated users to execute arbitrary commands by calling the system method in the body of a request, as demonstrated by running …
|
CWE-78
OS Command
|
CVE-2013-5758
|
2014-08-4 23:13 |
2014-08-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
257785
|
- |
|
yealink
|
sip-t38g
|
Absolute path traversal vulnerability in Yealink VoIP Phone SIP-T38G allows remote authenticated users to read arbitrary files via a full pathname in the dumpConfigFile function in the command parame…
|
CWE-22
Path Traversal
|
CVE-2013-5757
|
2014-08-4 23:10 |
2014-08-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
257786
|
- |
|
yealink
|
sip-t38g
|
Directory traversal vulnerability in Yealink VoIP Phone SIP-T38G allows remote authenticated users to read arbitrary files via a .. (dot dot) in the page parameter to cgi-bin/cgiServer.exx.
|
CWE-22
Path Traversal
|
CVE-2013-5756
|
2014-08-4 23:08 |
2014-08-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
257787
|
- |
|
vitamin_plugin_project
|
vitamin
|
Multiple directory traversal vulnerabilities in the Vitamin plugin before 1.1.0 for WordPress allow remote attackers to access arbitrary files via a .. (dot dot) in the path parameter to (1) add_head…
|
CWE-22
Path Traversal
|
CVE-2012-6651
|
2014-08-1 23:07 |
2014-07-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
257788
|
- |
|
juniper
|
junos srx100 srx110 srx1400 srx210 srx220 srx240 srx3400 srx3600 srx550 srx5600 srx5800 srx650
|
Juniper Junos 11.4 before 11.4R12, 12.1X44 before 12.1X44-D32, 12.1X45 before 12.1X45-D25, 12.1X46 before 12.1X46-D20, and 12.1X47 before 12.1X47-D10 on SRX Series devices, when NAT protocol translat…
|
CWE-20
Improper Input Validation
|
CVE-2014-3817
|
2014-08-1 14:09 |
2014-07-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
257789
|
- |
|
homepage_decorator_perlmailer_project
|
homepage_decorator_perlmailer
|
Cross-site scripting (XSS) vulnerability in Homepage Decorator PerlMailer 3.10 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2014-3897
|
2014-07-31 04:03 |
2014-07-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
257790
|
- |
|
iodata
|
ts-wlcam\/v_camera_firmware ts-wlcam\/v_camera ts-wptcam_camera_firmware ts-wptcam_camera ts-wlcam_camera_firmware ts-wlcam_camera ts-ptcam\/poe_camera_firmware ts-ptcam\/poe_cam…
|
The I-O DATA TS-WLCAM camera with firmware 1.06 and earlier, TS-WLCAM/V camera with firmware 1.06 and earlier, TS-WPTCAM camera with firmware 1.08 and earlier, TS-PTCAM camera with firmware 1.08 and …
|
CWE-287
Improper Authentication
|
CVE-2014-3895
|
2014-07-31 03:48 |
2014-07-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|