NVD List
Id | Name | Description | Reject | CVSS Version | CVSS Score | Severity | Pub Date | Modified Date | Actions |
---|---|---|---|---|---|---|---|---|---|
32504 | CVE-2014-4526 | Multiple cross-site scripting (XSS) vulnerabilities in callback.php in the efence plugin 1.3.2 and earlier for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) message, (2) zoneid, (3) pubKey, or (4) privKey parameter. | 2 | 4.3 | Medium | 2017-01-19 | 2014-07-11 | View | |
32760 | CVE-2014-4858 | Multiple SQL injection vulnerabilities in CWPLogin.aspx in Sabre AirCentre Crew products 2010.2.12.20008 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) username or (2) password field. | 2 | 7.5 | High | 2017-01-19 | 2015-10-05 | View | |
33016 | CVE-2014-5315 | Cross-site scripting (XSS) vulnerability in the Help page in Adobe Acrobat 9.5.2 and earlier and ColdFusion 8.0.1 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 2 | 4.3 | Medium | 2017-01-19 | 2017-01-06 | View | |
33528 | CVE-2014-5904 | The MiniInTheBox Online Shopping (aka com.miniinthebox.android) application 2.0.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | 2 | 5.4 | Medium | 2017-01-19 | 2014-09-22 | View | |
33784 | CVE-2014-6231 | Unspecified vulnerability in the CWT Frontend Edit (cwt_feedit) extension before 1.2.5 for TYPO3 allows remote authenticated users to execute arbitrary code via unknown vectors. | 2 | 7.5 | High | 2017-01-19 | 2014-09-11 | View |
Page 17226 of 17672, showing 5 records out of 88360 total, starting on record 86126, ending on 86130