258261
|
- |
|
python pythonware
|
pillow python_imaging_library
|
Python Image Library (PIL) 1.1.7 and earlier and Pillow 2.3 might allow remote attackers to execute arbitrary commands via shell metacharacters in unspecified vectors related to CVE-2014-1932, possib…
|
CWE-78
OS Command
|
CVE-2014-3007
|
2014-04-29 02:51 |
2014-04-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258262
|
- |
|
acunetix
|
web_vulnerability_scanner
|
Stack-based buffer overflow in Acunetix Web Vulnerability Scanner (WVS) 8 build 20120704 allows remote attackers to execute arbitrary code via an HTML file containing an IMG element with a long URL (…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-2994
|
2014-04-29 01:06 |
2014-04-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258263
|
- |
|
powersoftware
|
winarchiver
|
Buffer overflow in Power Software WinArchiver 3.2 allows remote attackers to execute arbitrary code via a crafted .zip file.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-5660
|
2014-04-26 03:44 |
2014-04-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258264
|
- |
|
ddsn
|
cm3_acora_content_management_system
|
Open redirect vulnerability in DDSN Interactive cm3 Acora CMS 6.0.6/1a, 6.0.2/1a, 5.5.7/12b, 5.5.0/1b-p1, and possibly other versions allows remote attackers to redirect users to arbitrary web sites …
|
CWE-20
Improper Input Validation
|
CVE-2013-4723
|
2014-04-26 03:38 |
2014-04-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258265
|
- |
|
ddsn
|
cm3_acora_content_management_system
|
Cross-site request forgery (CSRF) vulnerability in DDSN Interactive cm3 Acora CMS 6.0.6/1a, 6.0.2/1a, 5.5.7/12b, 5.5.0/1b-p1, and possibly other versions, allows remote attackers to hijack the authen…
|
CWE-352
Origin Validation Error
|
CVE-2013-4726
|
2014-04-26 03:38 |
2014-04-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258266
|
- |
|
ddsn
|
cm3_acora_content_management_system
|
Multiple cross-site scripting (XSS) vulnerabilities in Admin/login/default.asp in DDSN Interactive cm3 Acora CMS 6.0.6/1a, 6.0.2/1a, 5.5.7/12b, 5.5.0/1b-p1, and possibly other versions allow remote a…
|
CWE-79
Cross-site Scripting
|
CVE-2013-4722
|
2014-04-26 03:34 |
2014-04-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258267
|
- |
|
netgear
|
wndr4700_firmware wndr4700
|
Multiple cross-site scripting (XSS) vulnerabilities in NETGEAR WNDR4700 with firmware 1.0.0.34 allow remote authenticated users to inject arbitrary web script or HTML via the (1) UserName or (2) Pass…
|
CWE-79
Cross-site Scripting
|
CVE-2013-3069
|
2014-04-26 03:07 |
2014-04-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258268
|
- |
|
ushahidi
|
ushahidi_platform
|
Cross-site scripting (XSS) vulnerability in Ushahidi Platform 2.5.x through 2.6.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2013-2025
|
2014-04-26 03:01 |
2014-04-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258269
|
- |
|
joomlaboat
|
com_youtubegallery
|
Cross-site scripting (XSS) vulnerability in includes/flvthumbnail.php in the Youtube Gallery (com_youtubegallery) component 3.4.0 for Joomla! allows remote attackers to inject arbitrary web script or…
|
CWE-79
Cross-site Scripting
|
CVE-2013-5956
|
2014-04-26 02:42 |
2014-04-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258270
|
- |
|
softmotion3d festo 3s-software
|
softmotion cecx-x-m1_modular_controller codesys_runtime_system cecx-x-c1_modular_master_controller
|
The Festo CECX-X-C1 Modular Master Controller with CoDeSys and CECX-X-M1 Modular Controller with CoDeSys and SoftMotion do not require authentication for connections to certain TCP ports, which allow…
|
CWE-287
Improper Authentication
|
CVE-2014-0769
|
2014-04-25 22:58 |
2014-04-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|