|
259151
|
- |
|
trojita_project
|
trojita
|
The OpenConnectionTask::handleStateHelper function in Imap/Tasks/OpenConnectionTask.cpp in Trojita before 0.4.1 allows man-in-the-middle attackers to trigger use of cleartext for saving a message int…
|
CWE-200
Information Exposure
|
CVE-2014-2567
|
2014-03-26 09:20 |
2014-03-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259152
|
- |
|
owncloud
|
owncloud
|
Multiple cross-site scripting (XSS) vulnerabilities in ownCloud 4.5.x before 4.5.8 allow remote authenticated users with administrator privileges to inject arbitrary web script or HTML via the (1) qu…
|
CWE-79
Cross-site Scripting
|
CVE-2013-1822
|
2014-03-26 06:07 |
2014-03-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259153
|
- |
|
owncloud
|
owncloud
|
Multiple incomplete blacklist vulnerabilities in (1) import.php and (2) ajax/uploadimport.php in apps/contacts/ in ownCloud before 4.0.13 and 4.5.x before 4.5.8 allow remote authenticated users to ex…
|
CWE-94
Code Injection
|
CVE-2013-1850
|
2014-03-26 06:04 |
2014-03-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259154
|
- |
|
owncloud
|
owncloud
|
Multiple cross-site scripting (XSS) vulnerabilities in js/viewer.js in ownCloud before 4.5.12 and 5.x before 5.0.7 allow remote attackers to inject arbitrary web script or HTML via vectors related to…
|
CWE-79
Cross-site Scripting
|
CVE-2013-2150
|
2014-03-26 06:03 |
2014-03-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259155
|
- |
|
owncloud
|
owncloud
|
Per: http://owncloud.org/about/security/advisories/oC-SA-2013-028/
"Cross-site scripting (XSS) vulnerabilities in js/viewer.js inside the files_videoviewer application via multiple unspecified vecto…
|
CWE-79
Cross-site Scripting
|
CVE-2013-2150
|
2014-03-26 06:03 |
2014-03-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259156
|
- |
|
owncloud
|
owncloud
|
Cross-site request forgery (CSRF) vulnerability in apps/calendar/ajax/settings/settimezone in ownCloud before 4.0.12 allows remote attackers to hijack the authentication of users for requests that ch…
|
CWE-352
Origin Validation Error
|
CVE-2013-0301
|
2014-03-26 05:56 |
2014-03-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259157
|
- |
|
owncloud
|
owncloud
|
Multiple cross-site request forgery (CSRF) vulnerabilities in ownCloud 4.5.x before 4.5.7 allow remote attackers to hijack the authentication of users for requests that (1) change the default view vi…
|
CWE-352
Origin Validation Error
|
CVE-2013-0300
|
2014-03-26 05:55 |
2014-03-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259158
|
- |
|
owncloud
|
owncloud
|
Multiple cross-site request forgery (CSRF) vulnerabilities in ownCloud before 4.0.12 and 4.5.x before 4.5.7 allow remote attackers to hijack the authentication of users for requests that (1) change t…
|
CWE-352
Origin Validation Error
|
CVE-2013-0299
|
2014-03-26 05:49 |
2014-03-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259159
|
- |
|
owncloud
|
owncloud
|
Session fixation vulnerability in ownCloud before 6.0.2, when PHP is configured to accept session parameters through a GET request, allows remote attackers to hijack web sessions via unspecified vect…
|
CWE-287
Improper Authentication
|
CVE-2014-2047
|
2014-03-26 04:36 |
2014-03-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259160
|
- |
|
owncloud
|
owncloud
|
The default Flash Cross Domain policies in ownCloud before 5.0.15 and 6.x before 6.0.2 allows remote attackers to access user files via unspecified vectors.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-2049
|
2014-03-26 04:32 |
2014-03-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
