258521
|
- |
|
cogentdatahub
|
cogent_datahub
|
Cross-site scripting (XSS) vulnerability in Cogent DataHub before 7.3.5 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2014-2353
|
2014-06-5 21:36 |
2014-05-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258522
|
- |
|
trianglemicroworks
|
scada_data_gateway
|
Triangle MicroWorks SCADA Data Gateway before 3.00.0635 allows remote attackers to cause a denial of service (excessive data processing) via a crafted DNP3 packet.
|
CWE-20
Improper Input Validation
|
CVE-2014-2342
|
2014-06-5 21:32 |
2014-05-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258523
|
- |
|
owncloud
|
owncloud
|
ownCloud Server before 5.0.16 and 6.0.x before 6.0.3 does not check permissions to the files_external application, which allows remote authenticated users to add external storage via unspecified vect…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-3835
|
2014-06-5 20:10 |
2014-06-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258524
|
- |
|
postfix_admin_project
|
postfix_admin
|
SQL injection vulnerability in the gen_show_status function in functions.inc.php in Postfix Admin (aka postfixadmin) before 2.3.7 allows remote authenticated users to execute arbitrary SQL commands v…
|
CWE-89
SQL Injection
|
CVE-2014-2655
|
2014-06-5 13:31 |
2014-04-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258525
|
- |
|
debian
|
dpkg
|
dpkg 1.15.9 on Debian squeeze introduces support for the "C-style encoded filenames" feature without recognizing that the squeeze patch program lacks this feature, which triggers an interaction error…
|
CWE-22
Path Traversal
|
CVE-2014-3127
|
2014-06-5 13:31 |
2014-05-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258526
|
- |
|
owncloud
|
owncloud
|
ownCloud Server before 6.0.3 does not properly check permissions, which allows remote authenticated users to (1) access the contacts of other users via the address book or (2) rename files via unspec…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-3834
|
2014-06-5 04:10 |
2014-06-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258527
|
- |
|
owncloud
|
owncloud
|
Multiple cross-site scripting (XSS) vulnerabilities in the (1) Gallery and (2) core components in ownCloud Server before 5.016 and 6.0.x before 6.0.3 allow remote attackers to inject arbitrary web sc…
|
CWE-79
Cross-site Scripting
|
CVE-2014-3833
|
2014-06-5 04:09 |
2014-06-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258528
|
- |
|
owncloud
|
owncloud
|
Cross-site scripting (XSS) vulnerability in the Documents component in ownCloud Server 6.0.x before 6.0.3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, possi…
|
CWE-79
Cross-site Scripting
|
CVE-2014-3832
|
2014-06-5 04:06 |
2014-06-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258529
|
- |
|
owncloud phpdocx
|
owncloud phpdocx
|
PHPDocX, as used in ownCloud Server before 5.0.15 and 6.0.x before 6.0.2, allows remote attackers to read arbitrary files, cause a denial of service, or possibly have other impact via an XML External…
|
NVD-CWE-Other
|
CVE-2014-2056
|
2014-06-5 03:41 |
2014-06-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258530
|
- |
|
owncloud phpdocx
|
owncloud phpdocx
|
Per: http://cwe.mitre.org/data/definitions/611.html
"CWE-611: Improper Restriction of XML External Entity Reference ('XXE')"
|
NVD-CWE-Other
|
CVE-2014-2056
|
2014-06-5 03:41 |
2014-06-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|