258321
|
- |
|
amtelco
|
misecuremessages
|
Amtelco miSecureMessages allows remote attackers to read the messages of arbitrary users via an XML request containing a valid license key and a modified contactID value, as demonstrated by a request…
|
CWE-287
Improper Authentication
|
CVE-2014-0357
|
2014-05-10 13:02 |
2014-04-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258322
|
- |
|
zabbix
|
zabbix
|
Zabbix 2.0.5 allows remote authenticated users to discover the LDAP bind password by leveraging management-console access and reading the ldap_bind_password value in the HTML source code.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-5572
|
2014-05-10 12:58 |
2013-10-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258323
|
- |
|
php-fusion
|
php-fusion
|
Multiple SQL injection vulnerabilities in PHP-Fusion before 7.02.06 allow remote attackers to execute arbitrary SQL commands via the (1) orderby parameter to downloads.php; or remote authenticated us…
|
CWE-89
SQL Injection
|
CVE-2013-1803
|
2014-05-10 12:52 |
2014-05-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258324
|
- |
|
dest-unreach
|
socat
|
Heap-based buffer overflow in the xioscan_readline function in xio-readline.c in socat 1.4.0.0 through 1.7.2.0 and 2.0.0-b1 through 2.0.0-b4 allows local users to execute arbitrary code via the READL…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2012-0219
|
2014-05-10 12:39 |
2012-06-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258325
|
- |
|
intra-mart
|
webplatform\/appframework
|
Open redirect vulnerability in WebPlatform / AppFramework 6.0 through 7.2 in NTT DATA INTRAMART intra-mart allows remote attackers to redirect users to arbitrary web sites and conduct phishing attack…
|
CWE-20
Improper Input Validation
|
CVE-2014-1991
|
2014-05-10 03:27 |
2014-05-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258326
|
- |
|
semantictitle_project
|
semantictitle
|
Cross-site scripting (XSS) vulnerability in the SemanticTitle extension before 1.1.0 for MediaWiki allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2014-2854
|
2014-05-10 02:49 |
2014-05-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258327
|
- |
|
bradesco_gateway_plugin_project
|
bradesco_gateway
|
Cross-site scripting (XSS) vulnerability in falha.php in the Bradesco Gateway plugin 2.0 for Wordpress, as used in the WP e-Commerce plugin, allows remote attackers to inject arbitrary web script or …
|
CWE-79
Cross-site Scripting
|
CVE-2013-5916
|
2014-05-10 02:42 |
2014-05-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258328
|
- |
|
sks_keyserver_project
|
sks_keyserver
|
Cross-site scripting (XSS) vulnerability in wserver.ml in SKS Keyserver before 1.1.5 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to pks/lookup/undefined1.
|
CWE-79
Cross-site Scripting
|
CVE-2014-3207
|
2014-05-10 02:37 |
2014-05-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258329
|
- |
|
wpgetready
|
nextcellent_gallery
|
Cross-site scripting (XSS) vulnerability in admin/manage-images.php in the NextCellent Gallery plugin before 1.19.18 for WordPress allows remote authenticated users with the NextGEN Upload images, Ne…
|
CWE-79
Cross-site Scripting
|
CVE-2014-3123
|
2014-05-10 02:29 |
2014-05-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258330
|
- |
|
zabbix fedoraproject
|
zabbix fedora
|
The Frontend in Zabbix before 1.8.20rc2, 2.0.x before 2.0.11rc2, and 2.2.x before 2.2.2rc1 allows remote "Zabbix Admin" users to modify the media of arbitrary users via unspecified vectors.
|
NVD-CWE-noinfo
|
CVE-2014-1685
|
2014-05-10 01:46 |
2014-05-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|