|
256761
|
- |
|
cisco
|
asyncos
|
The ZIP inspection engine in Cisco AsyncOS 8.5 and earlier on the Cisco Email Security Appliance (ESA) does not properly analyze ZIP archives, which allows remote attackers to bypass malware filterin…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-3381
|
2014-10-23 04:04 |
2014-10-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256762
|
- |
|
ioserver
|
ioserver
|
IOServer before Beta2112.exe allows remote attackers to cause a denial of service (out-of-bounds read and master entry consumption) via a null DNP3 header.
|
CWE-399
Resource Management Errors
|
CVE-2014-5425
|
2014-10-23 03:15 |
2014-10-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256763
|
- |
|
cisco
|
intrusion_prevention_system
|
Race condition in the IP logging feature in Cisco Intrusion Prevention System (IPS) Software 7.1(7)E4 and earlier allows remote attackers to cause a denial of service (device reload) via crafted IP t…
|
CWE-362
Race Condition
|
CVE-2014-3406
|
2014-10-23 03:08 |
2014-10-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256764
|
- |
|
login_widget_with_shortcode_project
|
login_widget_with_shortcode
|
Cross-site request forgery (CSRF) vulnerability in the Login Widget With Shortcode (login-sidebar-widget) plugin before 3.2.1 for WordPress allows remote attackers to hijack the authentication of adm…
|
CWE-79
Cross-site Scripting
|
CVE-2014-6312
|
2014-10-23 02:33 |
2014-10-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256765
|
- |
|
drupal
|
project_issue_file_review
|
Multiple cross-site scripting (XSS) vulnerabilities in the Project Issue File Review module (PIFR) module 6.x-2.x before 6.x-2.17 for Drupal allow (1) remote attackers to inject arbitrary web script …
|
CWE-79
Cross-site Scripting
|
CVE-2014-8765
|
2014-10-23 00:08 |
2014-10-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256766
|
- |
|
woothemes
|
woocommerce_plugin
|
Cross-site scripting (XSS) vulnerability in the WooCommerce plugin before 2.2.3 for WordPress allows remote attackers to inject arbitrary web script or HTML via the range parameter on the wc-reports …
|
CWE-79
Cross-site Scripting
|
CVE-2014-6313
|
2014-10-22 23:58 |
2014-10-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256767
|
- |
|
kevin_renskers
|
dmmjobcontrol
|
Multiple SQL injection vulnerabilities in the search function in pi1/class.tx_dmmjobcontrol_pi1.php in the JobControl (dmmjobcontrol) extension 2.14.0 and earlier for TYPO3 allow remote attackers to …
|
CWE-89
SQL Injection
|
CVE-2014-7201
|
2014-10-22 23:26 |
2014-10-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256768
|
- |
|
kevin_renskers
|
dmmjobcontrol
|
Cross-site scripting (XSS) vulnerability in pi1/class.tx_dmmjobcontrol_pi1.php in the JobControl (dmmjobcontrol) extension 2.14.0 and earlier for TYPO3 allows remote attackers to inject arbitrary web…
|
CWE-79
Cross-site Scripting
|
CVE-2014-7200
|
2014-10-22 23:22 |
2014-10-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256769
|
- |
|
php_resource
|
voice_of_web_allmyguests
|
Multiple SQL injection vulnerabilities in Voice Of Web AllMyGuests 0.4.1 allow remote attackers to execute arbitrary SQL commands via the (1) allmyphp_cookie cookie to admin.php or the (2) Username o…
|
CWE-89
SQL Injection
|
CVE-2014-8294
|
2014-10-22 22:44 |
2014-10-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256770
|
- |
|
php_resource
|
voice_of_web_allmyguests
|
Cross-site scripting (XSS) vulnerability in Voice Of Web AllMyGuests 0.4.1 allows remote attackers to inject arbitrary web script or HTML via the AMG_signin_topic parameter to index.php.
|
CWE-79
Cross-site Scripting
|
CVE-2014-8293
|
2014-10-22 22:05 |
2014-10-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
