|
256911
|
- |
|
linksys
|
ea6500_firmware
ea6500
|
Linksys EA6500 with firmware 1.1.28.147876 does not properly restrict access, which allows remote attackers to obtain sensitive information (clients and router configuration) via a request to /JNAP/.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-3066
|
2014-10-1 03:25 |
2014-09-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256912
|
- |
|
linksys
|
ea6500_firmware
ea6500
|
Open redirect vulnerability in ui/dynamic/unsecured.html in Linksys EA6500 with firmware 1.1.28.147876 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks vi…
|
NVD-CWE-Other
|
CVE-2013-3064
|
2014-10-1 03:23 |
2014-09-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256913
|
- |
|
linksys
|
ea6500_firmware
ea6500
|
<a href = "http://cwe.mitre.org/data/definitions/601.html"> CWE-601: URL Redirection to Untrusted Site ('Open Redirect') </a>
|
NVD-CWE-Other
|
CVE-2013-3064
|
2014-10-1 03:23 |
2014-09-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256914
|
- |
|
sleuthkit
|
the_sleuth_kit
|
The Sleuth Kit (TSK) 4.0.1 does not properly handle "." (dotfile) file system entries in FAT file systems and other file systems for which . is not a reserved name, which allows local users to hide a…
|
CWE-20
Improper Input Validation
|
CVE-2012-5619
|
2014-10-1 02:47 |
2014-09-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256915
|
- |
|
mailchimp
|
easy_mailchimp_forms_plugin
|
Cross-site scripting (XSS) vulnerability in the Easy MailChimp Forms plugin 3.0 through 5.0.6 for WordPress allows remote attackers to inject arbitrary web script or HTML via the update_options actio…
|
CWE-79
Cross-site Scripting
|
CVE-2014-7152
|
2014-10-1 02:14 |
2014-09-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256916
|
- |
|
contactus
|
contact_form_7_integrations
|
Multiple cross-site scripting (XSS) vulnerabilities in includes/toAdmin.php in Contact Form 7 Integrations plugin 1.0 through 1.3.10 for WordPress allow remote attackers to inject arbitrary web scrip…
|
CWE-79
Cross-site Scripting
|
CVE-2014-6445
|
2014-10-1 00:06 |
2014-09-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256917
|
- |
|
latin_angels_music_hd_project
|
latin_angels_music_hd
|
The Latin Angels Music HD (aka com.applizards.lafreetj) application 2.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and …
|
CWE-310
Cryptographic Issues
|
CVE-2014-6664
|
2014-09-30 02:59 |
2014-09-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256918
|
- |
|
netjapan
|
tsushima_travel_guide
|
The Tsushima Travel Guide (aka com.netjapan.ntsushima) application 1.9 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and o…
|
CWE-310
Cryptographic Issues
|
CVE-2014-6685
|
2014-09-29 11:02 |
2014-09-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256919
|
- |
|
mol
|
mol_bringapont
|
The MOL bringaPONT (aka hu.mol.bringapont) application 1.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensit…
|
CWE-310
Cryptographic Issues
|
CVE-2014-6684
|
2014-09-29 11:01 |
2014-09-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256920
|
- |
|
openelectrical
|
open_electrical_webser
|
The Open Electrical Webser (aka com.wOpenElectricalWeb) application 0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and …
|
CWE-310
Cryptographic Issues
|
CVE-2014-6683
|
2014-09-29 11:00 |
2014-09-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
