|
257401
|
- |
|
mm_forum_project
|
mm_forum
|
Cross-site scripting (XSS) vulnerability in the mm_forum extension before 1.9.3 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2014-6297
|
2014-10-7 02:09 |
2014-10-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257402
|
- |
|
mm_forum_project
|
mm_forum
|
Unrestricted file upload vulnerability in the mm_forum extension before 1.9.3 for TYPO3 allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then access…
|
CWE-94
Code Injection
|
CVE-2014-6298
|
2014-10-7 02:09 |
2014-10-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257403
|
- |
|
news_project
|
news
|
The News (tt_news) extension before 3.5.2 for TYPO3 allows remote attackers to have unspecified impact via vectors related to an "insecure unserialize" issue.
|
CWE-20
Improper Input Validation
|
CVE-2014-6290
|
2014-10-7 01:26 |
2014-10-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257404
|
- |
|
maher_zain_project
|
maher_zain
|
The Maher Zain (aka com.vanagas.app.maher_zain) application 1.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain s…
|
CWE-310
Cryptographic Issues
|
CVE-2014-6705
|
2014-10-5 09:15 |
2014-09-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257405
|
- |
|
sportinginnovations
|
utah_jazz
|
The Utah Jazz (aka com.sportinginnovations.jazz) application 2.0.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtai…
|
CWE-310
Cryptographic Issues
|
CVE-2014-6704
|
2014-10-5 09:14 |
2014-09-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257406
|
- |
|
sportinginnovations
|
utah_jazz
|
The Sporting Club Uphoria (aka com.sportinginnovations.skc) application 2.1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof server…
|
CWE-310
Cryptographic Issues
|
CVE-2014-6708
|
2014-10-5 09:13 |
2014-09-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257407
|
- |
|
phonearabs4_project
|
phonearabs4
|
The phonearabs4 (aka com.phonearabs4.myapps) application 1.4 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sens…
|
CWE-310
Cryptographic Issues
|
CVE-2014-6703
|
2014-10-5 09:12 |
2014-09-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257408
|
- |
|
starsat
|
starsat_international
|
The StarSat International (aka com.conduit.app_b15a1814d2d840198e70e3c235af5e8b.app) application 1.41.54.9222 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-…
|
CWE-310
Cryptographic Issues
|
CVE-2014-6702
|
2014-10-5 09:09 |
2014-09-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257409
|
- |
|
vendormate
|
vendormate_mobile
|
The Vendormate Mobile (aka com.vendormate.mobile) application 3.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain…
|
CWE-310
Cryptographic Issues
|
CVE-2014-6701
|
2014-10-5 09:08 |
2014-09-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257410
|
- |
|
nba
|
nba_game_time_2013-2014
|
The NBA Game Time 2013-2014 (aka com.nbadigital.gametimelite) application 4.11 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof serve…
|
CWE-310
Cryptographic Issues
|
CVE-2014-6700
|
2014-10-5 09:07 |
2014-09-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
