9 matches found
Xerte Online Toolkits Arbitrary File Upload - Import Language
This module exploits an authentication bypass allowing arbitrary file upload in versions 3.14 and earlier to upload and execute a shell. Module Options msf use exploit/multi/http/xerteunauthenticatedimportlanguage msf exploitxerteunauthenticatedimportlanguage show targets ...targets... msf...
Xerte Online Toolkits Arbitrary File Upload - Unauthenticated Template Import
This module exploits an authentication bypass allowing arbitrary file upload in versions 3.14 and earlier to upload and execute a shell. Specifically, this targets /websitecode/php/import/import.php. OPSEC: This module results in directories being created and database entries which cannot easily b...
WordPress Trade Runner plugin <= 3.14 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery (CSRF) vulnerability discovered by vr0px in WordPress Plugin Trade Runner (versions <= 3.14)...
PT-2024-27619 · Artistscope · Artistscope Copysafe Web Protection
Name of the Vulnerable Software and Affected Versions: ArtistScope CopySafe Web Protection versions 3.14 and earlier. Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting (XSS). This allows for Stored XSS attacks...
SUSE CVE-2014-2739
The cma_req_handler function in drivers/infiniband/core/cma.c in the Linux kernel 3.14.x through 3.14.1 attempts to resolve an RDMA over Converged Ethernet (aka RoCE) address that is properly resolved within a different module, which allows remote attackers to cause a denial of service (incorrect...
PT-2023-33299 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions 3.14 through 5.10.158 Description: The issue is related to a possible use-after-free in the memcg write event control function. The actual impact and attack plausibility have not yet been proven. Recommendations: For Lin...
PT-2022-35541 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions 3.14 through 5.10.149 Description: The issue is related to the detachment of devices when removing the host in the drm/mipi-dsi component. The actual impact and attack plausibility have not yet been proven...
PT-2022-33767 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions v3.14 through v5.15.62 Description: The issue is related to error handling in the adminq component. It was introduced in version v3.14 and fixed in version v5.15.63. The actual impact and attack plausibility have not yet...
PT-2022-33390 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions v3.14 through v5.19.3 Description: The issue is related to error handling in the adminq component. It was introduced in version v3.14 and fixed in version v5.19.4. The actual impact and attack plausibility have not yet...