|
257211
|
- |
|
splunk
|
splunk
|
The "runshellscript echo.sh" script in Splunk before 5.0.5 allows remote authenticated users to execute arbitrary commands via a crafted string. NOTE: this issue was SPLIT from CVE-2013-6771 per ADT…
|
CWE-94
Code Injection
|
CVE-2013-7394
|
2014-08-7 22:37 |
2014-08-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257212
|
- |
|
splunk
|
splunk
|
Directory traversal vulnerability in the collect script in Splunk before 5.0.5 allows remote attackers to execute arbitrary commands via a .. (dot dot) in the file parameter. NOTE: this issue was SP…
|
CWE-22
Path Traversal
|
CVE-2013-6771
|
2014-08-7 22:34 |
2014-08-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257213
|
- |
|
simple_retail_menus_plugin_project
|
simple-retail-menus
|
SQL injection vulnerability in includes/mode-edit.php in the Simple Retail Menus (simple-retail-menus) plugin before 4.1 for WordPress allows remote authenticated editors to execute arbitrary SQL com…
|
CWE-89
SQL Injection
|
CVE-2014-5183
|
2014-08-7 22:30 |
2014-08-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257214
|
- |
|
tom_m8te_plugin_project
|
tom-m8te_plugin
|
Directory traversal vulnerability in the Tom M8te (tom-m8te) plugin 1.5.3 for WordPress allows remote attackers to read arbitrary files via the file parameter to tom-download-file.php.
|
CWE-22
Path Traversal
|
CVE-2014-5187
|
2014-08-7 22:25 |
2014-08-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257215
|
- |
|
all_video_gallery_plugin_project
|
all-video-gallery
|
SQL injection vulnerability in the All Video Gallery (all-video-gallery) plugin 1.2 for WordPress allows remote authenticated administrators to execute arbitrary SQL commands via the id parameter in …
|
CWE-89
SQL Injection
|
CVE-2014-5186
|
2014-08-7 22:22 |
2014-08-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257216
|
- |
|
quartz_plugin_project
|
quartz_plugin
|
SQL injection vulnerability in the Quartz plugin 1.01.1 for WordPress allows remote authenticated users with Contributor privileges to execute arbitrary SQL commands via the quote parameter in an edi…
|
CWE-89
SQL Injection
|
CVE-2014-5185
|
2014-08-7 22:14 |
2014-08-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257217
|
- |
|
stripshow_plugin_project
|
stripshow
|
SQL injection vulnerability in the stripshow-storylines page in the stripShow plugin 2.5.2 for WordPress allows remote authenticated administrators to execute arbitrary SQL commands via the story par…
|
CWE-89
SQL Injection
|
CVE-2014-5184
|
2014-08-7 22:06 |
2014-08-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257218
|
- |
|
ostenta
|
yawpp
|
Multiple SQL injection vulnerabilities in the yawpp plugin 1.2 for WordPress allow remote authenticated users with Contributor privileges to execute arbitrary SQL commands via vectors related to (1) …
|
CWE-89
SQL Injection
|
CVE-2014-5182
|
2014-08-7 21:46 |
2014-08-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257219
|
- |
|
last.fm_rotation_plugin_project
|
lastfm-rotation_plugin
|
Directory traversal vulnerability in lastfm-proxy.php in the Last.fm Rotation (lastfm-rotation) plugin 1.0 for WordPress allows remote attackers to read arbitrary files via a .. (dot dot) in the snod…
|
CWE-22
Path Traversal
|
CVE-2014-5181
|
2014-08-7 21:42 |
2014-08-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257220
|
- |
|
hdwplayer
|
hdw-player-video-player-video-gallery
|
SQL injection vulnerability in the videos page in the HDW Player Plugin (hdw-player-video-player-video-gallery) 2.4.2 for WordPress allows remote authenticated administrators to execute arbitrary SQL…
|
CWE-89
SQL Injection
|
CVE-2014-5180
|
2014-08-7 21:30 |
2014-08-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
