|
257471
|
- |
|
bizagi
|
business_process_management_suite
|
SQL injection vulnerability in workflowenginesoa.asmx in Bizagi BPM Suite through 10.4 allows remote authenticated users to execute arbitrary SQL commands via a crafted SOAP request.
|
CWE-89
SQL Injection
|
CVE-2014-2948
|
2014-06-28 01:50 |
2014-05-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257472
|
- |
|
cogentdatahub
|
cogent_datahub
|
Heap-based buffer overflow in the Web Server in Cogent Real-Time Systems Cogent DataHub before 7.3.5 allows remote attackers to execute arbitrary code via a negative value in the Content-Length field…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-3788
|
2014-06-28 01:48 |
2014-05-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257473
|
- |
|
coscms
|
coscms
|
The uploadFile function in upload/index.php in CosCMS before 1.822 allows remote administrators to execute arbitrary commands via shell metacharacters in the name of an uploaded file.
|
CWE-78
OS Command
|
CVE-2013-1668
|
2014-06-28 01:35 |
2014-05-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257474
|
- |
|
david_bagley
|
xlockmore
|
The (1) checkPasswd and (2) checkGroupXlockPasswds functions in xlockmore before 5.43 do not properly handle when a NULL value is returned upon an error by the crypt or dispcrypt function as implemen…
|
NVD-CWE-Other
|
CVE-2013-4143
|
2014-06-27 00:46 |
2014-05-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257475
|
- |
|
david_bagley
|
xlockmore
|
per http://cwe.mitre.org/data/definitions/476.html
"CWE-476: NULL Pointer Dereference"
|
NVD-CWE-Other
|
CVE-2013-4143
|
2014-06-27 00:46 |
2014-05-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257476
|
- |
|
bitrix
|
bitrix_e-store_module
|
The Bitrix e-Store module before 14.0.1 for Bitrix Site Manager uses sequential values for the BITRIX_SM_SALE_UID cookie, which makes it easier for remote attackers to guess the cookie value and bypa…
|
CWE-287
Improper Authentication
|
CVE-2013-6788
|
2014-06-27 00:38 |
2014-05-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257477
|
- |
|
coreftp
|
core_ftp
|
Multiple heap-based buffer overflows in the client in Core FTP LE 2.2 build 1798 allow remote FTP servers to cause a denial of service (application crash) and possibly execute arbitrary code via a lo…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-4643
|
2014-06-26 23:30 |
2014-06-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257478
|
- |
|
longtailvideo
|
jw_player_for_flash_\&_html5_video_plugin
|
Cross-site request forgery (CSRF) vulnerability in the JW Player plugin before 2.1.4 for WordPress allows remote attackers to hijack the authentication of administrators for requests that remove play…
|
CWE-352
Origin Validation Error
|
CVE-2014-4030
|
2014-06-26 23:25 |
2014-06-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257479
|
- |
|
dell
quantum
|
powervault_ml6000_firmware
powervault_ml6000
scalar_i500_firmware
scalar_i500
|
logViewer.htm on the Dell ML6000 tape backup system with firmware before i8.2.0.2 (641G.GS103) and the Quantum Scalar i500 tape backup system with firmware before i8.2.2.1 (646G.GS002) allows remote …
|
CWE-78
OS Command
|
CVE-2014-2959
|
2014-06-26 13:50 |
2014-06-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257480
|
- |
|
juniper
|
screenos
netscreen-5200
netscreen-5400
|
Unspecified vulnerability in the Juniper Networks NetScreen Firewall products with ScreenOS before 6.3r17, when configured to use the internal DNS lookup client, allows remote attackers to cause a de…
|
NVD-CWE-noinfo
|
CVE-2014-3813
|
2014-06-26 13:50 |
2014-06-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
