257761
|
- |
|
piwigo
|
piwigo
|
Multiple cross-site request forgery (CSRF) vulnerabilities in Piwigo before 2.6.2 allow remote attackers to hijack the authentication of administrators for requests that use the (1) pwg.groups.addUse…
|
CWE-352
Origin Validation Error
|
CVE-2014-4614
|
2014-07-10 03:37 |
2014-07-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
257762
|
- |
|
rimarts
|
becky\!_internet_mail
|
Buffer overflow in RimArts Becky! Internet Mail before 2.68 allows remote POP3 servers to execute arbitrary code via a crafted response.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-3891
|
2014-07-10 03:17 |
2014-07-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
257763
|
- |
|
verification_code_for_comments_project
|
verification_code_for_comments
|
Multiple cross-site scripting (XSS) vulnerabilities in vcc.js.php in the Verification Code for Comments plugin 2.1.0 and earlier for WordPress allow remote attackers to inject arbitrary web script or…
|
CWE-79
Cross-site Scripting
|
CVE-2014-4565
|
2014-07-10 01:04 |
2014-07-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
257764
|
- |
|
url_cloak_\&_encrypt_project
|
url_cloak_\&_encrypt
|
Cross-site scripting (XSS) vulnerability in go.php in the URL Cloak & Encrypt (url-cloak-encrypt) plugin 2.0 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML v…
|
CWE-79
Cross-site Scripting
|
CVE-2014-4563
|
2014-07-9 10:45 |
2014-07-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
257765
|
- |
|
aas9
|
zerocms
|
Cross-site scripting (XSS) vulnerability in zero_view_article.php in ZeroCMS 1.0 allows remote attackers to inject arbitrary web script or HTML via the article_id parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2014-4195
|
2014-07-9 10:29 |
2014-07-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
257766
|
- |
|
avg
|
safeguard secure_search_toolbar
|
ScriptHelperApi in the AVG ScriptHelper ActiveX control in ScriptHelper.exe in AVG Secure Search toolbar before 18.1.7.598 and AVG Safeguard before 18.1.7.644 does not implement domain-based access c…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-2956
|
2014-07-9 03:49 |
2014-07-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
257767
|
- |
|
avg
|
safeguard secure_search_toolbar
|
Per: http://www.kb.cert.org/vuls/id/960193
"This issue is addressed in AVG Secure Search toolbar version 18.1.7.598 and AVG Safeguard 18.1.7.644"
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-2956
|
2014-07-9 03:49 |
2014-07-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
257768
|
- |
|
easy_banners_plugin_project
|
easy_banners
|
Cross-site scripting (XSS) vulnerability in the Easy Banners plugin 1.4 for WordPress allows remote attackers to inject arbitrary web script or HTML via the name parameter to wp-admin/options-general…
|
CWE-79
Cross-site Scripting
|
CVE-2014-4723
|
2014-07-9 00:27 |
2014-07-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
257769
|
- |
|
foxitsoftware
|
foxit_pdf_sdk_dll
|
Buffer overflow in the FPDFBookmark_GetTitle method in Foxit PDF SDK DLL before 3.1.1.5005 allows context-dependent attackers to execute arbitrary code via unspecified vectors.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-4646
|
2014-07-9 00:12 |
2014-07-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
257770
|
- |
|
netgear
|
gs108pe_firmware gs108pe
|
NETGEAR GS108PE Prosafe Plus switches with firmware 1.2.0.5 have a hardcoded password of debugpassword for the ntgruser account, which allows remote attackers to upload firmware or read or modify mem…
|
CWE-255
Credentials Management
|
CVE-2014-2969
|
2014-07-8 04:14 |
2014-07-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|