Latest CVE Feed
-
7.5
HIGHCVE-2014-9566
Multiple SQL injection vulnerabilities in the Manage Accounts page in the AccountManagement.asmx service in the Solarwinds Orion Platform 2015.1, as used in Network Performance Monitor (NPM) before 11.5, NetFlow Traffic Analyzer (NTA) before 4.1, Network ... Read more
- EPSS Score: %78.93
- Published: Mar. 10, 2015
- Modified: Apr. 12, 2025
-
4.0
MEDIUMCVE-2014-8112
389 Directory Server 1.3.1.x, 1.3.2.x before 1.3.2.27, and 1.3.3.x before 1.3.3.9 stores "unhashed" passwords even when the nsslapd-unhashed-pw-switch option is set to off, which allows remote authenticated users to obtain sensitive information by reading... Read more
- EPSS Score: %0.27
- Published: Mar. 10, 2015
- Modified: Apr. 12, 2025
-
5.0
MEDIUMCVE-2014-8105
389 Directory Server before 1.3.2.27 and 1.3.3.x before 1.3.3.9 does not properly restrict access to the "cn=changelog" LDAP sub-tree, which allows remote attackers to obtain sensitive information from the changelog via unspecified vectors.... Read more
- EPSS Score: %0.44
- Published: Mar. 10, 2015
- Modified: Apr. 12, 2025
-
4.3
MEDIUMCVE-2015-2244
Multiple cross-site scripting (XSS) vulnerabilities in Webshop hun 1.062S allow remote attackers to inject arbitrary web script or HTML via the (1) param, (2) center, (3) lap, (4) termid, or (5) nyelv_id parameter to index.php.... Read more
Affected Products : webshop_hun- EPSS Score: %0.25
- Published: Mar. 09, 2015
- Modified: Apr. 12, 2025
-
7.5
HIGHCVE-2015-2243
Directory traversal vulnerability in Webshop hun 1.062S allows remote attackers to have unspecified impact via directory traversal sequences in the mappa parameter to index.php.... Read more
Affected Products : webshop_hun- EPSS Score: %0.57
- Published: Mar. 09, 2015
- Modified: Apr. 12, 2025
-
7.5
HIGHCVE-2015-2242
Multiple SQL injection vulnerabilities in Webshop hun 1.062S allow remote attackers to execute arbitrary SQL commands via the (1) termid or (2) nyelv_id parameter to index.php.... Read more
Affected Products : webshop_hun- EPSS Score: %0.33
- Published: Mar. 09, 2015
- Modified: Apr. 12, 2025
-
5.0
MEDIUMCVE-2015-2206
libraries/select_lang.lib.php in phpMyAdmin 4.0.x before 4.0.10.9, 4.2.x before 4.2.13.2, and 4.3.x before 4.3.11.1 includes invalid language values in unknown-language error responses that contain a CSRF token and may be sent with HTTP compression, which... Read more
- EPSS Score: %0.92
- Published: Mar. 09, 2015
- Modified: Apr. 12, 2025
-
10.0
HIGHCVE-2014-7898
The OLE Point of Sale (OPOS) drivers before 1.13.003 on HP Point of Sale Windows PCs allow remote attackers to execute arbitrary code via unspecified vectors.... Read more
- EPSS Score: %28.81
- Published: Mar. 09, 2015
- Modified: Apr. 12, 2025
-
10.0
HIGHCVE-2014-7897
The OLE Point of Sale (OPOS) drivers before 1.13.003 on HP Point of Sale Windows PCs allow remote attackers to execute arbitrary code via vectors involving OPOSScanner.ocx for Imaging Barcode scanners, Linear Barcode scanners, Presentation Barcode scanner... Read more
- EPSS Score: %28.81
- Published: Mar. 09, 2015
- Modified: Apr. 12, 2025
-
10.0
HIGHCVE-2014-7895
The OLE Point of Sale (OPOS) drivers before 1.13.003 on HP Point of Sale Windows PCs allow remote attackers to execute arbitrary code via vectors involving OPOSCashDrawer.ocx for PUSB Thermal Receipt printers, SerialUSB Thermal Receipt printers, Hybrid PO... Read more
- EPSS Score: %28.81
- Published: Mar. 09, 2015
- Modified: Apr. 12, 2025
-
10.0
HIGHCVE-2014-7894
The OLE Point of Sale (OPOS) drivers before 1.13.003 on HP Point of Sale Windows PCs allow remote attackers to execute arbitrary code via vectors involving OPOSPOSPrinter.ocx for PUSB Thermal Receipt printers, SerialUSB Thermal Receipt printers, Hybrid PO... Read more
- EPSS Score: %30.08
- Published: Mar. 09, 2015
- Modified: Apr. 12, 2025
-
10.0
HIGHCVE-2014-7893
The OLE Point of Sale (OPOS) drivers before 1.13.003 on HP Point of Sale Windows PCs allow remote attackers to execute arbitrary code via vectors involving OPOSCheckScanner.ocx for PUSB Thermal Receipt printers, SerialUSB Thermal Receipt printers, Hybrid ... Read more
- EPSS Score: %30.08
- Published: Mar. 09, 2015
- Modified: Apr. 12, 2025
-
10.0
HIGHCVE-2014-7892
The OLE Point of Sale (OPOS) drivers before 1.13.003 on HP Point of Sale Windows PCs allow remote attackers to execute arbitrary code via vectors involving OPOSMSR.ocx for Mini MSR magnetic stripe readers, Retail Integrated Dual-Head MSR magnetic stripe r... Read more
- EPSS Score: %28.81
- Published: Mar. 09, 2015
- Modified: Apr. 12, 2025
-
10.0
HIGHCVE-2014-7891
The OLE Point of Sale (OPOS) drivers before 1.13.003 on HP Point of Sale Windows PCs allow remote attackers to execute arbitrary code via vectors involving OPOSPOSKeyboard.ocx for POS keyboards and POS keyboards with MSR, aka ZDI-CAN-2509.... Read more
- EPSS Score: %30.08
- Published: Mar. 09, 2015
- Modified: Apr. 12, 2025
-
10.0
HIGHCVE-2014-7890
The OLE Point of Sale (OPOS) drivers before 1.13.003 on HP Point of Sale Windows PCs allow remote attackers to execute arbitrary code via vectors involving OPOSToneIndicator.ocx for POS keyboards and POS keyboards with MSR, aka ZDI-CAN-2510.... Read more
- EPSS Score: %30.08
- Published: Mar. 09, 2015
- Modified: Apr. 12, 2025
-
10.0
HIGHCVE-2014-7889
The OLE Point of Sale (OPOS) drivers before 1.13.003 on HP Point of Sale Windows PCs allow remote attackers to execute arbitrary code via vectors involving OPOSLineDisplay.ocx for Retail RP7 VFD Customer Display monitors, Retail Integrated 2x20 Display mo... Read more
- EPSS Score: %28.81
- Published: Mar. 09, 2015
- Modified: Apr. 12, 2025
-
10.0
HIGHCVE-2014-7888
The OLE Point of Sale (OPOS) drivers before 1.13.003 on HP Point of Sale Windows PCs allow remote attackers to execute arbitrary code via vectors involving OPOSMICR.ocx for PUSB Thermal Receipt printers, SerialUSB Thermal Receipt printers, Hybrid POS prin... Read more
- EPSS Score: %30.08
- Published: Mar. 09, 2015
- Modified: Apr. 12, 2025
-
6.8
MEDIUMCVE-2015-1874
Cross-site request forgery (CSRF) vulnerability in the Contact Form DB (aka CFDB and contact-form-7-to-database-extension) plugin before 2.8.32 for WordPress allows remote attackers to hijack the authentication of administrators for requests that delete a... Read more
Affected Products : contact_form_db- EPSS Score: %0.19
- Published: Mar. 09, 2015
- Modified: Apr. 12, 2025
-
7.5
HIGHCVE-2015-2097
Multiple buffer overflows in WebGate Embedded Standard Protocol (WESP) SDK allow remote attackers to execute arbitrary code via unspecified vectors to the (1) LoadImage or (2) LoadImageEx function in the WESPMonitor.WESPMonitorCtrl.1 control, (3) ChangePa... Read more
Affected Products : webgate_embedded_standard_protocol_sdk- EPSS Score: %46.29
- Published: Mar. 09, 2015
- Modified: Apr. 12, 2025
-
6.8
MEDIUMCVE-2015-2096
Use-after-free vulnerability in the Connect function in the WESPMonitor.WESPMonitorCtrl.1 ActiveX control in WebGate eDVR Manager allows remote attackers to execute arbitrary code via an invalid IP address and a page reload.... Read more
Affected Products : edvr_manager- EPSS Score: %1.79
- Published: Mar. 09, 2015
- Modified: Apr. 12, 2025