CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

16 matches found

EUVD•added 2025/10/07 12:30 a.m.•6 views

EUVD-2014-2094

Malware in sbrugna...

7.5CVSS6.3AI score0.01521EPSS

Exploits2References4

EUVD•added 2025/10/07 12:30 a.m.•3 views

EUVD-2014-1297

Malware in sbrugna...

7.5CVSS6.3AI score0.00585EPSS

Exploits2References7

securityvulns•added 2014/05/04 12:0 a.m.•62 views

CVE-2014-1217 - Unauthenticated access to sensitive information and functionality in Livetecs Timelive

Vulnerability title: Unauthenticated access to sensitive information and functionality in Livetecs Timelive CVE: CVE-2014-1217 Vendor: Livetecs Product: Timelive Affected version: 6.2.71 Fixed version: 6.2.8 Reported by: Richard Hatch Details: It was possible to access a URL that allowed...

7.5CVSS6.3AI score0.00585EPSS

Exploits2

securityvulns•added 2014/05/04 12:0 a.m.•73 views

CVE-2014-2042 - Unrestricted file upload in Livetecs Timelive

Vulnerability title: Unrestricted file upload in Livetecs Timelive CVE: CVE-2014-2042 Vendor: Livetecs Product: Timelive Affected version: 6.2.71 Fixed version: 6.5.1 Reported by: Richard Hatch Details: It was discovered that it was possible for low-level TimeLive application users to upload file...

7.5CVSS6.2AI score0.01521EPSS

Exploits2

NVD•added 2014/04/28 2:9 p.m.•24 views

CVE-2014-2042

Unrestricted file upload vulnerability in the Manage Project functionality in Livetecs Timelive before 6.5.1 allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in a predictable directory ...

7.5CVSS7.2AI score0.01521EPSS

Exploits2References2

NVD•added 2014/04/28 2:9 p.m.•25 views

CVE-2014-1217

Livetecs Timelive before 6.2.8 does not properly restrict access to systemsetting.aspx, which allows remote attackers to change configurations and obtain the database connection string and credentials via unspecified vectors...

7.5CVSS6.6AI score0.00585EPSS

Exploits2References4

Prion•added 2014/04/28 2:9 p.m.•14 views

Unrestricted file upload

7.5CVSS7.8AI score0.01521EPSS

Exploits2References2Affected Software1

ATTACKERKB•added 2014/04/28 2:9 p.m.•5 views

CVE-2014-2042

7.5CVSS6.2AI score0.01521EPSS

Exploits2References3

Prion•added 2014/04/28 2:9 p.m.•15 views

Design/Logic Flaw

7.5CVSS7.2AI score0.00585EPSS

Exploits2References4Affected Software1

CVE•added 2014/04/28 2:0 p.m.•56 views

CVE-2014-1217

Livetecs Timelive prior to version 6.2.8 has an unauthenticated access flaw in systemsetting.aspx that enables remote attackers to alter configurations and disclose the database connection string and credentials. The vulnerability affects Timelive 6.2.71 and similar build variants; fixed in 6.2.8...

7.5CVSS6.8AI score0.00585EPSS

Exploits2References4Affected Software1

CVE•added 2014/04/28 2:0 p.m.•40 views

CVE-2014-2042

CVE-2014-2042 affects Livetecs Timelive; unrestricted file upload in the Manage Project functionality (Uploads/) enables remote code execution. Affected: Timelive up to version 6.2.71. Root cause: lack of file-type restrictions and permissive Read/Execute on uploaded files. Impact: potential arbi...

7.5CVSS7.4AI score0.01521EPSS

Exploits2References2Affected Software1

Cvelist•added 2014/04/28 2:0 p.m.•36 views

CVE-2014-2042

7.2AI score0.01521EPSS

Exploits2References2

Cvelist•added 2014/04/28 2:0 p.m.•30 views

CVE-2014-1217

6.6AI score0.00585EPSS

Exploits2References4

0day.today•added 2014/04/24 12:0 a.m.•71 views

Livetecs Timelive 6.2.71 Unauthenticated Access / File Upload Vulnerabilities

Exploit for php platform in category web applications Vulnerability title: Unauthenticated access to sensitive information and functionality in Livetecs Timelive CVE: CVE-2014-1217 Vendor: Livetecs Product: Timelive Affected version: 6.2.71 Fixed version: 6.2.8 Reported by: Richard Hatch Details:...

7.5CVSS6.5AI score0.01521EPSS

Exploits3