|
257221
|
- |
|
all_video_gallery_plugin_project
|
all_video_gallery_plugin
|
Unspecified vulnerability in the All Video Gallery (all-video-gallery) plugin before 1.2.0 for WordPress has unspecified impact and attack vectors.
|
NVD-CWE-noinfo
|
CVE-2012-6653
|
2014-08-7 21:25 |
2014-08-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257222
|
- |
|
status2k
|
status2k
|
admin/options/logs.php in Status2k allows remote authenticated administrators to execute arbitrary commands via shell metacharacters in the Location field in Add Logs in the Admin Panel.
|
CWE-94
Code Injection
|
CVE-2014-5090
|
2014-08-7 21:13 |
2014-08-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257223
|
- |
|
status2k
|
status2k
|
SQL injection vulnerability in admin/options/logs.php in Status2k allows remote authenticated administrators to execute arbitrary SQL commands via the log parameter.
|
CWE-89
SQL Injection
|
CVE-2014-5089
|
2014-08-7 21:12 |
2014-08-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257224
|
- |
|
algosec
|
firewall_analyzer
|
Cross-site scripting (XSS) vulnerability in BusinessFlow/login in AlgoSec Firewall Analyzer 6.4 allows remote attackers to inject arbitrary web script or HTML via the message parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2013-7318
|
2014-08-6 22:04 |
2014-01-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257225
|
- |
|
adobe
|
adobe_air
adobe_air_sdk
flash_player
|
Adobe Flash Player before 13.0.0.231 and 14.x before 14.0.0.145 on Windows and OS X and before 11.2.202.394 on Linux, Adobe AIR before 14.0.0.137 on Android, Adobe AIR SDK before 14.0.0.137, and Adob…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-0539
|
2014-08-5 23:17 |
2014-07-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257226
|
- |
|
adobe
|
adobe_air_sdk
flash_player
adobe_air
|
Adobe Flash Player before 13.0.0.231 and 14.x before 14.0.0.145 on Windows and OS X and before 11.2.202.394 on Linux, Adobe AIR before 14.0.0.137 on Android, Adobe AIR SDK before 14.0.0.137, and Adob…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-0537
|
2014-08-5 23:16 |
2014-07-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257227
|
- |
|
neo4j
|
neo4j
|
Multiple cross-site request forgery (CSRF) vulnerabilities in Neo4J 1.9.2 allow remote attackers to hijack the authentication of administrators for requests that execute arbitrary code, as demonstrat…
|
CWE-78
CWE-352
OS Command
Origin Validation Error
|
CVE-2013-7259
|
2014-08-5 06:42 |
2014-04-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257228
|
- |
|
php-fusion
|
php-fusion
|
Multiple cross-site scripting (XSS) vulnerabilities in PHP-Fusion before 7.02.06 allow remote attackers to inject arbitrary web script or HTML via the (1) highlight parameter to forum/viewthread.php;…
|
CWE-79
Cross-site Scripting
|
CVE-2013-1804
|
2014-08-5 06:41 |
2014-04-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257229
|
- |
|
ibm
|
scale_out_network_attached_storage
|
IBM Scale Out Network Attached Storage (SONAS) 1.3.x and 1.4.x before 1.4.3.3 places an administrative password in the shell history upon use of the -p option to chuser, which allows local users to o…
|
CWE-200
Information Exposure
|
CVE-2014-3045
|
2014-08-5 04:05 |
2014-07-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257230
|
- |
|
cybozu
|
garoon
|
The CGI component in Cybozu Garoon 3.1.0 through 3.7 SP3 allows remote attackers to execute arbitrary commands via unspecified vectors.
|
CWE-78
OS Command
|
CVE-2014-1987
|
2014-08-5 04:00 |
2014-07-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
