|
259401
|
- |
|
ilias
|
ilias
|
Unrestricted file upload vulnerability in ilias.php in ILIAS 4.4.1 allows remote authenticated users to execute arbitrary PHP code by using a .php filename in an upload_files action to the uploadFile…
|
NVD-CWE-Other
|
CVE-2014-2088
|
2014-03-4 02:24 |
2014-03-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259402
|
- |
|
ilias
|
ilias
|
Per: http://cwe.mitre.org/data/definitions/434.html
"CWE-434: Unrestricted Upload of File with Dangerous Type"
|
NVD-CWE-Other
|
CVE-2014-2088
|
2014-03-4 02:24 |
2014-03-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259403
|
- |
|
schneider-electric
|
floating_license_manager
|
Unquoted Windows search path vulnerability in Schneider Electric Floating License Manager 1.0.0 through 1.4.0 allows local users to gain privileges via a Trojan horse application with a name composed…
|
NVD-CWE-Other
|
CVE-2014-0759
|
2014-03-1 02:16 |
2014-02-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259404
|
- |
|
schneider-electric
|
floating_license_manager
|
Per: http://cwe.mitre.org/data/definitions/428.html
"CWE-428: Unquoted Search Path or Element"
|
NVD-CWE-Other
|
CVE-2014-0759
|
2014-03-1 02:16 |
2014-02-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259405
|
- |
|
schneider-electric
|
floating_license_manager
|
Per: http://ics-cert.us-cert.gov/advisories/ICSA-14-058-01
"This license manager is used in the following Schneider Electric products:
Power Monitoring Expert,
Struxureware process Expert (…
|
NVD-CWE-Other
|
CVE-2014-0759
|
2014-03-1 02:16 |
2014-02-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259406
|
- |
|
cisco
|
intrusion_prevention_system
|
Cisco Intrusion Prevention System (IPS) Software allows remote attackers to cause a denial of service (MainApp process outage) via malformed SNMP packets, aka Bug IDs CSCum52355 and CSCul49309.
|
CWE-20
Improper Input Validation
|
CVE-2014-2103
|
2014-03-1 01:48 |
2014-02-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259407
|
- |
|
i-doit
|
i-doit
|
Cross-site scripting (XSS) vulnerability in the API in synetics i-doit pro before 1.2.5 allows remote attackers to inject arbitrary web script or HTML via a property title.
|
CWE-79
Cross-site Scripting
|
CVE-2014-2231
|
2014-03-1 00:27 |
2014-02-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259408
|
- |
|
cisco
|
wireless_lan_controller
|
The Control and Provisioning of Wireless Access Points (CAPWAP) protocol implementation on Cisco Wireless LAN Controller (WLC) devices allows remote attackers to cause a denial of service via a craft…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-6699
|
2014-02-28 09:11 |
2013-11-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259409
|
- |
|
elastix
|
elastix
|
Cross-site scripting (XSS) vulnerability in xmlservices/E_book.php in Elastix 2.3.0 allows remote attackers to inject arbitrary web script or HTML via the Page parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2012-6608
|
2014-02-28 06:47 |
2013-11-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259410
|
- |
|
novell
|
iprint
|
The id1.GetPrinterURLList function in Novell iPrint Client before 5.93 allows remote attackers to cause a denial of service via unspecified vectors.
|
NVD-CWE-noinfo
|
CVE-2013-3708
|
2014-02-28 06:46 |
2013-12-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
