258631
|
- |
|
yokogawa
|
b\/m9000cs_software b\/m9000cs centum_cs_1000_software centum_cs_1000 centum_cs_3000_software centum_cs_3000 centum_cs_3000_entry_class_software centum_cs_3000_entry_class exa…
|
Stack-based buffer overflow in BKESimmgr.exe in the Expanded Test Functions package in Yokogawa CENTUM CS 1000, CENTUM CS 3000 Entry Class R3.09.50 and earlier, CENTUM VP R5.03.00 and earlier, CENTUM…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-0782
|
2014-05-19 23:57 |
2014-05-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258632
|
- |
|
dotclear
|
dotclear
|
Dotclear before 2.6.2 allows remote attackers to execute arbitrary PHP code via a serialized object in the dc_passwd cookie to a password-protected page, which is not properly handled by (1) inc/publ…
|
CWE-94
Code Injection
|
CVE-2014-1613
|
2014-05-17 03:43 |
2014-05-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258633
|
- |
|
ucdok
|
tomato
|
The admin API in the tomato module before 0.0.6 for Node.js does not properly check the access key when it is set to a string, which allows remote attackers to bypass authentication via a string in t…
|
CWE-287
Improper Authentication
|
CVE-2013-7379
|
2014-05-17 02:55 |
2014-05-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258634
|
- |
|
bilyoner
|
bilyoner
|
The Bilyoner application before 2.3.1 for Android and before 4.6.2 for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain se…
|
CWE-310
Cryptographic Issues
|
CVE-2014-3750
|
2014-05-17 02:46 |
2014-05-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258635
|
- |
|
mantisbt
|
mantisbt
|
Multiple cross-site scripting (XSS) vulnerabilities in core/summary_api.php in MantisBT 1.2.12 allow remote authenticated users with manager or administrator permissions to inject arbitrary web scrip…
|
CWE-79
Cross-site Scripting
|
CVE-2013-1810
|
2014-05-16 21:51 |
2014-05-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258636
|
- |
|
mantisbt
|
mantisbt
|
Cross-site scripting (XSS) vulnerability in the filter_draw_selection_area2 function in core/filter_api.php in MantisBT 1.2.12 before 1.2.13 allows remote attackers to inject arbitrary web script or …
|
CWE-79
Cross-site Scripting
|
CVE-2013-0197
|
2014-05-16 21:44 |
2014-05-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258637
|
- |
|
caldera
|
caldera
|
costview3/xmlrpc_server/xmlrpc.php in CostView in Caldera 9.20 allows remote attackers to execute arbitrary commands via shell metacharacters in a methodCall element in a PHP XMLRPC request.
|
CWE-78
OS Command
|
CVE-2014-2935
|
2014-05-16 13:26 |
2014-05-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258638
|
- |
|
caldera
|
caldera
|
The directory manager in Caldera 9.20 allows remote attackers to conduct variable-injection attacks in the global scope via (1) the maindir_hotfolder parameter to dirmng/index.php, or an unspecified …
|
CWE-94
Code Injection
|
CVE-2014-2936
|
2014-05-16 13:26 |
2014-05-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258639
|
- |
|
sixnet
|
sixview_manager
|
Directory traversal vulnerability in Sixnet SixView Manager 2.4.1 allows remote attackers to read arbitrary files via a .. (dot dot) in an HTTP GET request to TCP port 18081.
|
CWE-22
Path Traversal
|
CVE-2014-2976
|
2014-05-16 13:26 |
2014-04-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258640
|
- |
|
open_assessment_technologies_
|
tao
|
Cross-site request forgery (CSRF) vulnerability in Open Assessment Technologies TAO 2.5.6 allows remote attackers to hijack the authentication of administrators for requests that create administrativ…
|
CWE-352
Origin Validation Error
|
CVE-2014-2989
|
2014-05-16 13:26 |
2014-05-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|