|
257571
|
- |
|
featured_comments_plugin_project
|
featured_comments
|
Multiple cross-site request forgery (CSRF) vulnerabilities in the Featured Comments plugin 1.2.1 for WordPress allow remote attackers to hijack the authentication of administrators for requests that …
|
CWE-352
Origin Validation Error
|
CVE-2014-4163
|
2014-06-17 23:39 |
2014-06-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257572
|
- |
|
reviewboard
|
djblets
|
Cross-site scripting (XSS) vulnerability in gravatars/templatetags/gravatars.py in Djblets before 0.7.30 and 0.8.x before 0.8.3 for Django allows remote attackers to inject arbitrary web script or HT…
|
CWE-79
Cross-site Scripting
|
CVE-2014-3995
|
2014-06-17 23:22 |
2014-06-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257573
|
- |
|
echoping_project
|
echoping
|
Multiple buffer overflows in readline.c in Echoping 6.0.2 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted reply in the (1) TLS_readline o…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2010-5111
|
2014-06-17 22:00 |
2014-06-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257574
|
- |
|
iij
|
seil\%2fturbo_firmware
seil\/turbo
seil\%2fneu_2fe_plus_firmware
seil\/neu_2fe_plus
seil\%2fx86_firmware
seil\/x86
seil\%2fx2_firmware
seil\/x2
seil\%2fx1_firmware
seil\/x1…
|
The PPP Access Concentrator (PPPAC) on SEIL SEIL/x86 routers 1.00 through 3.10, SEIL/X1 routers 1.00 through 4.50, SEIL/X2 routers 1.00 through 4.50, SEIL/B1 routers 1.00 through 4.50, SEIL/Turbo rou…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-2004
|
2014-06-17 02:10 |
2014-06-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257575
|
- |
|
justsystems
|
ichitaro
just_online_update
|
JustSystems JUST Online Update, as used in Ichitaro through 2014 and other products, does not properly validate signatures of update modules, which allows remote attackers to spoof modules and execut…
|
CWE-20
Improper Input Validation
|
CVE-2014-2003
|
2014-06-17 01:43 |
2014-06-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257576
|
- |
|
c-board_moyuku_project
|
c-board_moyuku
|
Cross-site scripting (XSS) vulnerability in C-BOARD Moyuku 1.01b6 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2014-2002
|
2014-06-17 00:56 |
2014-06-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257577
|
- |
|
sap
|
supplier_relationship_management
|
Cross-site scripting (XSS) vulnerability in la/umTestSSO.jsp in SAP Supplier Relationship Management (SRM) allows remote attackers to inject arbitrary web script or HTML via the url parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2014-4161
|
2014-06-16 23:33 |
2014-06-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257578
|
- |
|
juniper
|
ive_os
unified_access_control_software
fips_infranet_controller_6500
fips_secure_access_4000
fips_secure_access_4500
fips_secure_access_6000
fips_secure_access_6500
infranet_cont…
|
The Juniper Junos Pulse Secure Access Service (SSL VPN) devices with IVE OS before 7.4r5 and 8.x before 8.0r1 and Junos Pulse Access Control Service (UAC) before 4.4r5 and 5.x before 5.0r1 enable cip…
|
CWE-310
Cryptographic Issues
|
CVE-2014-3812
|
2014-06-16 22:26 |
2014-06-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257579
|
- |
|
qbnz
|
geshi
|
Cross-site scripting (XSS) vulnerability in contrib/langwiz.php in GeSHi before 1.0.8.11 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2012-3522
|
2014-06-14 00:48 |
2014-06-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257580
|
- |
|
qbnz
|
geshi
|
Multiple directory traversal vulnerabilities in the cssgen contrib module in GeSHi before 1.0.8.11 allow remote attackers to read arbitrary files via a .. (dot dot) in the (1) geshi-path or (2) geshi…
|
CWE-22
Path Traversal
|
CVE-2012-3521
|
2014-06-14 00:31 |
2014-06-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
