257971
|
- |
|
ajaydsouza
|
contextual_related_posts
|
SQL injection vulnerability in the Contextual Related Posts plugin before 1.8.10.2 for WordPress allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
|
CWE-89
SQL Injection
|
CVE-2014-3937
|
2014-06-4 00:09 |
2014-06-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
257972
|
- |
|
redhat
|
openstack
|
The default configuration in the standalone controller quickstack manifest in openstack-foreman-installer, as used in Red Hat Enterprise Linux OpenStack Platform 4.0, disables authentication for Qpid…
|
CWE-287
Improper Authentication
|
CVE-2013-6470
|
2014-06-4 00:00 |
2014-06-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
257973
|
- |
|
danielkorte
|
nodeaccesskeys
|
The Node Access Keys module 7.x-1.x before 7.x-1.1 for Drupal does not properly check permissions, which allows remote attackers to bypass access restrictions via a node listing.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-4596
|
2014-06-3 23:49 |
2014-06-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
257974
|
- |
|
dleviet
|
datalife_engine
|
Session fixation vulnerability in DataLife Engine (DLE) 9.7 and earlier allows remote attackers to hijack web sessions via the PHPSESSID cookie.
|
NVD-CWE-Other
|
CVE-2013-7387
|
2014-06-3 22:10 |
2014-06-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
257975
|
- |
|
dleviet
|
datalife_engine
|
Per: http://cwe.mitre.org/data/definitions/384.html
"CWE-384: Session Fixation"
|
NVD-CWE-Other
|
CVE-2013-7387
|
2014-06-3 22:10 |
2014-06-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
257976
|
- |
|
dleviet
|
datalife_engine
|
DataLife Engine (DLE) 9.7 allows remote attackers to execute arbitrary PHP code via the catlist[] parameter to engine/preview.php, which is used in a preg_replace function call with an e modifier.
|
CWE-94
Code Injection
|
CVE-2013-1412
|
2014-06-3 21:27 |
2014-06-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
257977
|
- |
|
mediawiki
|
mediawiki
|
Session fixation vulnerability in the CentralAuth extension for MediaWiki before 1.18.6, 1.19.x before 1.19.3, and 1.20.x before 1.20.1 allows remote attackers to hijack web sessions via the centrala…
|
NVD-CWE-Other
|
CVE-2012-5395
|
2014-06-3 21:09 |
2014-06-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
257978
|
- |
|
mediawiki
|
mediawiki
|
Per: http://cwe.mitre.org/data/definitions/384.html
"CWE-384: Session Fixation"
|
NVD-CWE-Other
|
CVE-2012-5395
|
2014-06-3 21:09 |
2014-06-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
257979
|
- |
|
intel
|
indeo_video
|
ir41_32.ax 4.51.16.3 for Intel Indeo Video 4.5 allows remote attackers to cause a denial of service (crash) via a crafted .avi file.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-3735
|
2014-06-3 20:45 |
2014-05-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
257980
|
- |
|
xoops
|
glossaire_module
|
SQL injection vulnerability in glossaire-aff.php in the Glossaire module 1.0 for XOOPS allows remote attackers to execute arbitrary SQL commands via the lettre parameter.
|
CWE-89
SQL Injection
|
CVE-2014-3935
|
2014-06-3 20:08 |
2014-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|