Lucene search
K

18 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2014-2957

Malware in sbrugna...

10CVSS6.4AI score0.04373EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2014-2958

Malware in sbrugna...

7.5CVSS6.4AI score0.01611EPSS
Exploits1References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2014-2955

Malware in sbrugna...

5CVSS6.4AI score0.03002EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2014-2956

Malware in sbrugna...

7.5CVSS6.4AI score0.01535EPSS
Exploits1References2
NVD
NVD
added 2014/05/08 10:55 a.m.14 views

CVE-2014-2933

Directory traversal vulnerability in dirmng/index.php in Caldera 9.20 allows remote attackers to access arbitrary directories via a crafted pathname...

5CVSS6.7AI score0.03002EPSS
Exploits0References1
NVD
NVD
added 2014/05/08 10:55 a.m.21 views

CVE-2014-2934

Multiple SQL injection vulnerabilities in Caldera 9.20 allow remote attackers to execute arbitrary SQL commands via the tr parameter to 1 costview2/jobs.php or 2 costview2/printers.php...

7.5CVSS8.5AI score0.01535EPSS
Exploits1References1
NVD
NVD
added 2014/05/08 10:55 a.m.16 views

CVE-2014-2936

The directory manager in Caldera 9.20 allows remote attackers to conduct variable-injection attacks in the global scope via 1 the maindirhotfolder parameter to dirmng/index.php, or an unspecified parameter to 2 PPD/index.php, 3 dirmng/docmd.php, or 4 dirmng/param.php...

7.5CVSS6.7AI score0.01611EPSS
Exploits1References2
Prion
Prion
added 2014/05/08 10:55 a.m.15 views

Cross site request forgery (csrf)

costview3/xmlrpcserver/xmlrpc.php in CostView in Caldera 9.20 allows remote attackers to execute arbitrary commands via shell metacharacters in a methodCall element in a PHP XMLRPC request...

10CVSS8.2AI score0.04373EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2014/05/08 10:55 a.m.12 views

Sql injection

The directory manager in Caldera 9.20 allows remote attackers to conduct variable-injection attacks in the global scope via 1 the maindirhotfolder parameter to dirmng/index.php, or an unspecified parameter to 2 PPD/index.php, 3 dirmng/docmd.php, or 4 dirmng/param.php...

7.5CVSS7.2AI score0.01611EPSS
Exploits1References2Affected Software1
Prion
Prion
added 2014/05/08 10:55 a.m.21 views

Sql injection

Multiple SQL injection vulnerabilities in Caldera 9.20 allow remote attackers to execute arbitrary SQL commands via the tr parameter to 1 costview2/jobs.php or 2 costview2/printers.php...

7.5CVSS9.2AI score0.01535EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2014/05/08 10:0 a.m.23 views

CVE-2014-2934

Multiple SQL injection vulnerabilities in Caldera 9.20 allow remote attackers to execute arbitrary SQL commands via the tr parameter to 1 costview2/jobs.php or 2 costview2/printers.php...

8.5AI score0.01535EPSS
Exploits1References1
Cvelist
Cvelist
added 2014/05/08 10:0 a.m.19 views

CVE-2014-2933

Directory traversal vulnerability in dirmng/index.php in Caldera 9.20 allows remote attackers to access arbitrary directories via a crafted pathname...

6.7AI score0.03002EPSS
Exploits0References1
Cvelist
Cvelist
added 2014/05/08 10:0 a.m.20 views

CVE-2014-2936

The directory manager in Caldera 9.20 allows remote attackers to conduct variable-injection attacks in the global scope via 1 the maindirhotfolder parameter to dirmng/index.php, or an unspecified parameter to 2 PPD/index.php, 3 dirmng/docmd.php, or 4 dirmng/param.php...

6.7AI score0.01611EPSS
Exploits1References2
CVE
CVE
added 2014/05/08 10:0 a.m.43 views

CVE-2014-2936

The CVE-2014-2936 entry concerns Caldera 9.20’s directory manager. The vulnerability stems from dynamic/global variable scope handling in multiple scripts (dirmng/index.php, PPD/index.php, dirmng/docmd.php, dirmng/param.php, via maindir_hotfolder or an unspecified parameter), enabling variable-in...

7.5CVSS6.9AI score0.01611EPSS
Exploits1References2Affected Software1
CVE
CVE
added 2014/05/08 10:0 a.m.46 views

CVE-2014-2935

CVE-2014-2935 affects CostView in Caldera 9.20. The vulnerability exists in /costview3/xmlrpc_server/xmlrpc.php where a crafted XMLRPC request can inject shell metacharacters in a methodCall, allowing an unauthenticated remote attacker to execute arbitrary commands on the server. Connected source...

10CVSS7.9AI score0.04373EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2014/05/08 10:0 a.m.49 views

CVE-2014-2933

CVE-2014-2933 is a directory traversal vulnerability affecting Caldera 9.20 via the /dirmng/index.php script. The exposed flaw arises from improper limitation of a pathname to a restricted directory, allowing remote unauthenticated attackers to access arbitrary directories on the server. Public r...

5CVSS6.9AI score0.03002EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2014/05/08 10:0 a.m.46 views

CVE-2014-2934

CVE-2014-2934 involves multiple SQL injection vulnerabilities in Caldera 9.20. The affected components are Caldera 9.20’s web interface, specifically the costview2/jobs.php and costview2/printers.php scripts, where the tr parameter is improperly sanitized, enabling remote attackers to execute arb...

7.5CVSS8.8AI score0.01535EPSS
Exploits1References1Affected Software1
CERT
CERT
added 2014/05/07 12:0 a.m.40 views

Caldera 9.20 contains multiple vulnerabilities

Overview Caldera 9.20, and possibly earlier versions, contains multiple vulnerabilities. Description CWE-22 - Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' - CVE-2014-2933Caldera 9.20 and possibly earlier versions contains a path traversal vulnerability due to the...

10CVSS8.2AI score0.04373EPSS
Exploits2References2
Rows per page
Query Builder