Search

Search Results (365260 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2014-4726 1 Mailpoet 1 Mailpoet Newsletters 2025-04-12 N/A
Unspecified vulnerability in the MailPoet Newsletters (wysija-newsletters) plugin before 2.6.8 for WordPress has unspecified impact and attack vectors.
CVE-2014-4727 1 Tp-link 2 Tl-wdr4300, Tl-wdr4300 Firmware 2025-04-12 N/A
Cross-site scripting (XSS) vulnerability in the DHCP clients page in the TP-LINK N750 Wireless Dual Band Gigabit Router (TL-WDR4300) with firmware before 140916 allows remote attackers to inject arbitrary web script or HTML via the hostname in a DHCP request.
CVE-2014-4728 1 Tp-link 2 Tl-wdr4300, Tl-wdr4300 Firmware 2025-04-12 N/A
The web server in the TP-LINK N750 Wireless Dual Band Gigabit Router (TL-WDR4300) with firmware before 140916 allows remote attackers to cause a denial of service (crash) via a long header in a GET request.
CVE-2014-4734 1 E107 1 E107 2025-04-12 N/A
Cross-site scripting (XSS) vulnerability in e107_admin/db.php in e107 2.0 alpha2 and earlier allows remote attackers to inject arbitrary web script or HTML via the type parameter.
CVE-2014-4735 1 Mywebsql 1 Mywebsql 2025-04-12 N/A
Cross-site scripting (XSS) vulnerability in MyWebSQL 3.4 and earlier allows remote attackers to inject arbitrary web script or HTML via the table parameter to index.php.
CVE-2014-4738 1 Fortinet 1 Fortiweb 2025-04-12 N/A
Multiple cross-site scripting (XSS) vulnerabilities in FortiGuard FortiWeb 5.0.x, 5.1.x, and 5.2.x before 5.2.1 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors to (1) user/ldap_user/check_dlg or (2) user/radius_user/check_dlg.
CVE-2014-4741 1 Artifectx 1 Xclassified 2025-04-12 N/A
SQL injection vulnerability in demo/ads.php in Artifectx xClassified 1.2 allows remote attackers to execute arbitrary SQL commands via the catid parameter.
CVE-2014-4742 1 Kajona 1 Kajona 2025-04-12 N/A
Cross-site scripting (XSS) vulnerability in system/class_link.php in the System module (module_system) in Kajona before 4.5 allows remote attackers to inject arbitrary web script or HTML via the systemid parameter in a mediaFolder action to index.php.
CVE-2014-4743 1 Kajona 1 Kajona 2025-04-12 N/A
Multiple cross-site scripting (XSS) vulnerabilities in (1) search_ajax.tpl and (2) search_ajax_small.tpl in templates/default/tpl/module_search/ in the Search module (module_search) in Kajona before 4.5 allow remote attackers to inject arbitrary web script or HTML via the search parameter.
CVE-2014-4744 2 Enhancesoft, Osticket 2 Osticket, Osticket 2025-04-12 N/A
Multiple cross-site scripting (XSS) vulnerabilities in osTicket before 1.9.2 allow remote attackers to inject arbitrary web script or HTML via the (1) Phone Number field to open.php or (2) Phone number field, (3) passwd1 field, (4) passwd2 field, or (5) do parameter to account.php.
CVE-2014-4746 1 Ibm 1 Websphere Portal 2025-04-12 N/A
IBM WebSphere Portal 8.0.0 before 8.0.0.1 CF13 and 8.5.0 through CF01 provides different error codes for firewall-traversal requests depending on whether the intranet host exists, which allows remote attackers to map the intranet network via a series of requests.
CVE-2014-4747 1 Ibm 1 Sametime 2025-04-12 N/A
The Classic Meeting Server in IBM Sametime 8.x through 8.5.2.1 allows physically proximate attackers to discover a meeting password hash by leveraging access to an unattended workstation to read HTML source code within a victim's browser.
CVE-2014-4748 1 Ibm 1 Sametime 2025-04-12 N/A
Cross-site scripting (XSS) vulnerability in the Classic Meeting Server in IBM Sametime 8.x through 8.5.2.1 allows remote attackers to inject arbitrary web script or HTML via a crafted URL.
CVE-2014-4750 1 Ibm 1 Powervc 2025-04-12 N/A
IBM PowerVC Express Edition 1.2.0 before FixPack3 establishes an FTP session for transferring files to a managed IVM, which allows remote attackers to discover credentials by sniffing the network.
CVE-2014-4751 1 Ibm 1 Security Access Manager For Mobile 2025-04-12 N/A
Cross-site scripting (XSS) vulnerability in IBM Security Access Manager for Mobile 8.0.0.0, 8.0.0.1, and 8.0.0.3 allows remote attackers to inject arbitrary web script or HTML via a crafted URL.
CVE-2014-4752 1 Ibm 40 Bladecenter 10g Vfsm, Bladecenter 10g Vfsm Firmware, Bladecenter 1\/10g and 37 more 2025-04-12 N/A
IBM System Networking G8052, G8124, G8124-E, G8124-ER, G8264, G8316, and G8264-T switches before 7.9.10.0; EN4093, EN4093R, CN4093, SI4093, EN2092, and G8264CS switches before 7.8.6.0; Flex System Interconnect Fabric before 7.8.6.0; 1G L2-7 SLB switch for Bladecenter before 21.0.21.0; 10G VFSM for Bladecenter before 7.8.14.0; 1:10G switch for Bladecenter before 7.4.8.0; 1G switch for Bladecenter before 5.3.5.0; Server Connectivity Module before 1.1.3.4; System Networking RackSwitch G8332 before 7.7.17.0; and System Networking RackSwitch G8000 before 7.1.7.0 have hardcoded credentials, which makes it easier for remote attackers to obtain access via unspecified vectors.
CVE-2014-4756 1 Ibm 1 Rational License Key Server 2025-04-12 N/A
The Administration and Reporting Tool in IBM Rational License Key Server (RLKS) 8.1.4.x before 8.1.4.4 allows remote authenticated users to hijack sessions via unspecified vectors.
CVE-2014-4757 1 Ibm 1 Content Collector 2025-04-12 N/A
The Outlook Extension in IBM Content Collector 4.0.0.x before 4.0.0.0-ICC-OE-IF004 allows local users to bypass the intended Reviewer privilege requirement and read e-mail messages from an arbitrary mailbox by invoking the Search function.
CVE-2014-4758 1 Ibm 2 Business Process Manager, Websphere Application Server 2025-04-12 N/A
IBM Business Process Manager (BPM) 7.5.x through 8.5.5 and WebSphere Lombardi Edition 7.2.x allow remote authenticated users to bypass intended access restrictions and send requests to internal services via a callService URL.
CVE-2014-4759 1 Ibm 1 Business Process Manager 2025-04-12 N/A
An unspecified Ajax service in the Content Management toolkit in IBM Business Process Manager (BPM) 8.5.x through 8.5.5 allows remote authenticated users to obtain sensitive information by performing a document-attachment search and then reading document properties in the search results.