|
258261
|
- |
|
owncloud
|
owncloud
|
Multiple cross-site request forgery (CSRF) vulnerabilities in ownCloud before 4.0.12 and 4.5.x before 4.5.7 allow remote attackers to hijack the authentication of users for requests that (1) change t…
|
CWE-352
Origin Validation Error
|
CVE-2013-0299
|
2014-03-26 05:49 |
2014-03-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258262
|
- |
|
owncloud
|
owncloud
|
Session fixation vulnerability in ownCloud before 6.0.2, when PHP is configured to accept session parameters through a GET request, allows remote attackers to hijack web sessions via unspecified vect…
|
CWE-287
Improper Authentication
|
CVE-2014-2047
|
2014-03-26 04:36 |
2014-03-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258263
|
- |
|
owncloud
|
owncloud
|
The default Flash Cross Domain policies in ownCloud before 5.0.15 and 6.x before 6.0.2 allows remote attackers to access user files via unspecified vectors.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-2049
|
2014-03-26 04:32 |
2014-03-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258264
|
- |
|
open-xchange
|
open-xchange_appsuite
|
Cross-site scripting (XSS) vulnerability in the frontend in Open-Xchange (OX) AppSuite 7.4.1 before 7.4.1-rev10 and 7.4.2 before 7.4.2-rev8 allows remote attackers to inject arbitrary web script or H…
|
CWE-79
Cross-site Scripting
|
CVE-2014-2077
|
2014-03-25 07:55 |
2014-03-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258265
|
- |
|
cisco
|
webex_meeting_center
|
WebEx Meeting Center in Cisco WebEx Business Suite does not properly compose URLs for HTTP GET requests, which allows remote attackers to obtain sensitive information by reading (1) web-server access…
|
CWE-200
Information Exposure
|
CVE-2014-0708
|
2014-03-25 07:48 |
2014-03-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258266
|
- |
|
videolan
|
vlc_media_player
|
VideoLAN VLC Media Player before 2.0.7 allows remote attackers to cause a denial of service (memory consumption) via a crafted playlist file.
|
CWE-399
Resource Management Errors
|
CVE-2013-7340
|
2014-03-25 07:47 |
2014-03-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258267
|
- |
|
owncloud
|
owncloud
|
Unspecified vulnerability in core/settings.php in ownCloud before 4.0.12 and 4.5.x before 4.5.6 allows remote authenticated users to execute arbitrary PHP code via unknown vectors. NOTE: this issue …
|
NVD-CWE-noinfo
|
CVE-2013-7344
|
2014-03-25 07:28 |
2014-03-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258268
|
- |
|
owncloud
|
owncloud
|
Multiple cross-site scripting (XSS) vulnerabilities in ownCloud before 6.0.2 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2014-2057
|
2014-03-25 07:16 |
2014-03-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258269
|
- |
|
mcafee
|
cloud_single_sign_on
|
Cross-site scripting (XSS) vulnerability in the login audit form in McAfee Cloud Single Sign On (SSO) allows remote attackers to inject arbitrary web script or HTML via a crafted password.
|
CWE-79
Cross-site Scripting
|
CVE-2014-2586
|
2014-03-25 07:15 |
2014-03-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258270
|
- |
|
owncloud
|
owncloud
|
ownCloud before 5.0.15 and 6.x before 6.0.2, when the file_external app is enabled, allows remote authenticated users to mount the local filesystem in the user's ownCloud via the mount configuration.
|
CWE-20
Improper Input Validation
|
CVE-2014-2585
|
2014-03-25 02:10 |
2014-03-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
