|
256881
|
- |
|
belkin
|
n900_firmware
n900
|
Cross-site request forgery (CSRF) vulnerability in util_system.html in Belkin N900 router allows remote attackers to hijack the authentication of administrators for requests that change configuration…
|
CWE-352
Origin Validation Error
|
CVE-2013-3086
|
2014-10-1 10:00 |
2014-09-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256882
|
- |
|
belkin
|
n300_firmware
n300
|
Cross-site request forgery (CSRF) vulnerability in apply.cgi in Belkin N300 (F7D7301v1) router allows remote attackers to hijack the authentication of administrators for requests that modify configur…
|
CWE-352
Origin Validation Error
|
CVE-2013-3089
|
2014-10-1 09:59 |
2014-09-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256883
|
- |
|
juniper
|
juniper_installer_service_client
junos_pulse_client
|
Juniper Installer Service (JIS) Client 7.x before 7.4R6 for Windows and Junos Pulse Client before 4.0R6 allows local users to gain privileges via unspecified vectors.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-3811
|
2014-10-1 03:26 |
2014-09-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256884
|
- |
|
linksys
|
ea6500_firmware
ea6500
|
Cross-site scripting (XSS) vulnerability in the Parental Controls section in Linksys EA6500 with firmware 1.1.28.147876 allows remote authenticated users to inject arbitrary web script or HTML via ve…
|
CWE-79
Cross-site Scripting
|
CVE-2013-3065
|
2014-10-1 03:25 |
2014-09-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256885
|
- |
|
linksys
|
ea6500_firmware
ea6500
|
Linksys EA6500 with firmware 1.1.28.147876 does not properly restrict access, which allows remote attackers to obtain sensitive information (clients and router configuration) via a request to /JNAP/.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-3066
|
2014-10-1 03:25 |
2014-09-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256886
|
- |
|
linksys
|
ea6500_firmware
ea6500
|
Open redirect vulnerability in ui/dynamic/unsecured.html in Linksys EA6500 with firmware 1.1.28.147876 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks vi…
|
NVD-CWE-Other
|
CVE-2013-3064
|
2014-10-1 03:23 |
2014-09-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256887
|
- |
|
linksys
|
ea6500_firmware
ea6500
|
<a href = "http://cwe.mitre.org/data/definitions/601.html"> CWE-601: URL Redirection to Untrusted Site ('Open Redirect') </a>
|
NVD-CWE-Other
|
CVE-2013-3064
|
2014-10-1 03:23 |
2014-09-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256888
|
- |
|
sleuthkit
|
the_sleuth_kit
|
The Sleuth Kit (TSK) 4.0.1 does not properly handle "." (dotfile) file system entries in FAT file systems and other file systems for which . is not a reserved name, which allows local users to hide a…
|
CWE-20
Improper Input Validation
|
CVE-2012-5619
|
2014-10-1 02:47 |
2014-09-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256889
|
- |
|
mailchimp
|
easy_mailchimp_forms_plugin
|
Cross-site scripting (XSS) vulnerability in the Easy MailChimp Forms plugin 3.0 through 5.0.6 for WordPress allows remote attackers to inject arbitrary web script or HTML via the update_options actio…
|
CWE-79
Cross-site Scripting
|
CVE-2014-7152
|
2014-10-1 02:14 |
2014-09-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256890
|
- |
|
contactus
|
contact_form_7_integrations
|
Multiple cross-site scripting (XSS) vulnerabilities in includes/toAdmin.php in Contact Form 7 Integrations plugin 1.0 through 1.3.10 for WordPress allow remote attackers to inject arbitrary web scrip…
|
CWE-79
Cross-site Scripting
|
CVE-2014-6445
|
2014-10-1 00:06 |
2014-09-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
