|
257391
|
- |
|
tp-link
|
firmware
|
Multiple cross-site request forgery (CSRF) vulnerabilities on the TP-LINK WR1043N router with firmware TL-WR1043ND_V1_120405 allow remote attackers to hijack the authentication of administrators for …
|
CWE-352
Origin Validation Error
|
CVE-2013-2645
|
2014-10-7 03:50 |
2014-10-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257392
|
- |
|
rockwellautomation
|
ab_micrologix_controller
|
The DNP3 feature on Rockwell Automation Allen-Bradley MicroLogix 1400 1766-Lxxxxx A FRN controllers 7 and earlier and 1400 1766-Lxxxxx B FRN controllers before 15.001 allows remote attackers to cause…
|
CWE-399
Resource Management Errors
|
CVE-2014-5410
|
2014-10-7 03:41 |
2014-10-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257393
|
- |
|
cisco
|
ios_xr
asr_9000_rsp440_router
asr_9001
asr_9006
asr_9010
asr_9904
asr_9912
asr_9922
|
Cisco IOS XR on ASR 9000 devices does not properly use compression for port-range and address-range encoding, which allows remote attackers to bypass intended Typhoon line-card ACL restrictions via t…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-3396
|
2014-10-7 03:30 |
2014-10-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257394
|
- |
|
cisco
|
webex_meetings_server
|
Cisco WebEx Meetings Server allows remote authenticated users to obtain sensitive information by reading logs, aka Bug IDs CSCuq36417 and CSCuq40344.
|
CWE-200
Information Exposure
|
CVE-2014-3400
|
2014-10-7 03:23 |
2014-10-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257395
|
- |
|
mm_forum_project
|
mm_forum
|
Cross-site request forgery (CSRF) vulnerability in the mm_forum extension before 1.9.3 for TYPO3 allows remote attackers to hijack the authentication of users for requests that create posts via unspe…
|
CWE-352
Origin Validation Error
|
CVE-2014-6299
|
2014-10-7 03:02 |
2014-10-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257396
|
- |
|
external_links_click_statistics_project
|
external_links_click_statistics
|
Cross-site scripting (XSS) vulnerability in the External links click statistics (outstats) extension 0.0.3 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via uns…
|
CWE-79
Cross-site Scripting
|
CVE-2014-6294
|
2014-10-7 02:46 |
2014-10-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257397
|
- |
|
wec_map_project
|
wec_map
|
SQL injection vulnerability in the WEC Map (wec_map) extension before 3.0.3 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
|
CWE-89
SQL Injection
|
CVE-2014-6295
|
2014-10-7 02:46 |
2014-10-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257398
|
- |
|
wec_map_project
|
wec_map
|
Cross-site scripting (XSS) vulnerability in the WEC Map (wec_map) extension before 3.0.3 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2014-6296
|
2014-10-7 02:46 |
2014-10-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257399
|
- |
|
kennziffer
|
statistics
|
SQL injection vulnerability in the Statistics (ke_stats) extension before 1.1.2 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors, as exploited in the wild i…
|
CWE-89
SQL Injection
|
CVE-2014-6293
|
2014-10-7 02:39 |
2014-10-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257400
|
- |
|
daniel_lienert
michael_knoll
|
yet_another_gallery
tools_for_extbase_developmen
|
The Ajax dispatcher for Extbase in the Yet Another Gallery (yag) extension before 3.0.1 and Tools for Extbase development (pt_extbase) extension before 1.5.1 allows remote attackers to bypass access …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-6289
|
2014-10-7 02:22 |
2014-10-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
