259251
|
- |
|
catfish_project
|
catfish
|
Untrusted search path vulnerability in Catfish 0.6.0 through 1.0.0, when a Fedora package such as 0.8.2-1 is not used, allows local users to gain privileges via a Trojan horse bin/catfish.pyc under t…
|
NVD-CWE-Other
|
CVE-2014-2095
|
2014-03-12 01:56 |
2014-02-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259252
|
- |
|
catfish_project
|
catfish
|
Per: http://cwe.mitre.org/data/definitions/426.html
"CWE-426: Untrusted Search Path"
|
NVD-CWE-Other
|
CVE-2014-2095
|
2014-03-12 01:56 |
2014-02-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259253
|
- |
|
catfish_project
|
catfish
|
Untrusted search path vulnerability in Catfish through 0.4.0.3, when a Fedora package such as 0.4.0.2-2 is not used, allows local users to gain privileges via a Trojan horse catfish.pyc in the curren…
|
NVD-CWE-Other
|
CVE-2014-2094
|
2014-03-12 01:55 |
2014-02-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259254
|
- |
|
imagecms
|
imagecms
|
Cross-site request forgery (CSRF) vulnerability in ImageCMS before 4.2 allows remote attackers to hijack the authentication of administrators for requests that conduct SQL injection attacks via the q…
|
CWE-352
Origin Validation Error
|
CVE-2013-7334
|
2014-03-12 01:30 |
2014-03-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259255
|
- |
|
zte
|
f460 f660
|
web_shell_cmd.gch on ZTE F460 and F660 cable modems allows remote attackers to obtain administrative access via sendcmd requests, as demonstrated by using "set TelnetCfg" commands to enable a TELNET …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-2321
|
2014-03-12 01:22 |
2014-03-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259256
|
- |
|
zte
|
f460 f660
|
Per: http://www.kb.cert.org/vuls/id/600724
" It has been reported that the web_shell_cmd.gch script is sometimes accessible from the WAN interface making exploitation of this backdoor from the Inter…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-2321
|
2014-03-12 01:22 |
2014-03-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259257
|
- |
|
huawei
|
e355_firmware e355
|
The Huawei E355 adapter with firmware 21.157.37.01.910 does not require authentication for API pages, which allows remote attackers to change passwords and settings, or obtain sensitive information, …
|
CWE-287
Improper Authentication
|
CVE-2013-6031
|
2014-03-11 23:11 |
2014-03-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259258
|
- |
|
citrix
|
netscaler_application_delivery_controller_firmware
|
Cross-site scripting (XSS) vulnerability in the user interface in the AAA TM vServer in Citrix NetScaler Application Delivery Controller (ADC) 9.3.x before 9.3-64.4, 10.0 before 10.0-77.5, and 10.1 b…
|
CWE-79
Cross-site Scripting
|
CVE-2013-6944
|
2014-03-11 22:48 |
2014-03-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259259
|
- |
|
citrix
|
netscaler_application_delivery_controller_firmware
|
Citrix NetScaler Application Delivery Controller (ADC) 9.3.x before 9.3-64.4, 10.0 before 10.0-77.5, and 10.1 before 10.1-118.7 allows remote attackers to conduct an LDAP injection attack via vectors…
|
CWE-94
Code Injection
|
CVE-2013-6943
|
2014-03-11 22:47 |
2014-03-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259260
|
- |
|
citrix
|
netscaler_application_delivery_controller_firmware
|
Cross-site request forgery (CSRF) vulnerability in Citrix NetScaler Application Delivery Controller (ADC) 9.3.x before 9.3-64.4, 10.0 before 10.0-77.5, and 10.1 before 10.1-118.7 allows remote attack…
|
CWE-352
Origin Validation Error
|
CVE-2013-6942
|
2014-03-11 22:43 |
2014-03-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|