mozilla vulnerabilities and exploits

9
CVSSv2
CVE-2019-18396

An issue was discovered in certain Oi third-party firmware that may be installed on Technicolor TD5130v2 devices. A Command Injection in the Ping module in the Web Interface in OI_Fw_V20 allows remote attackers to execute arbitrary OS commands in the pingAddr parameter to...

TechnicolorTd5130v2 Firmware
NA
CVE-2019-18883

LavaLite CMS version 5.7 suffers from a persistent cross site scripting vulnerability....

6.5
CVSSv2
CVE-2014-9013

The ajaxinit function in wpmarketplace/libs/cart.php in the WP Marketplace plugin 2.4.0 for WordPress allows remote authenticated users to create arbitrary users and gain admin privileges via a request to wpmp_pp_ajax_call with an execution target of wp_insert_user....

Wpmarketplace ProjectWpmarketplace
4
CVSSv2
CVE-2014-9014

Directory traversal vulnerability in the ajaxinit function in wpmarketplace/libs/cart.php in the WP Marketplace plugin before 2.4.1 for WordPress allows remote authenticated users to download arbitrary files via a .. (dot dot) in the file parameter....

Wpmarketplace ProjectWpmarketplace
7.5
CVSSv2
CVE-2005-2354

Nvu 0.99+1.0pre uses an old copy of Mozilla XPCOM which can result in multiple security issues....

5
CVSSv2
CVE-2013-2227

GLPI 0.83.7 has Local File Inclusion in common.tabs.php....

Glpi-projectGlpiDebianDebian Linux
5.5
CVSSv2
CVE-2018-4064

An exploitable unverified password change vulnerability exists in the ACEManager upload.cgi functionality of Sierra Wireless AirLink ES450 FW 4.9.3. A specially crafted HTTP request can cause a unverified device configuration change, resulting in an unverified change of the user...

NA
CVE-2019-11758

Mozilla Firefox is vulnerable to a denial of service, caused by a memory safety bug in Firefox 68 when 360 Total Security was installed. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability to cause the application to...

NA
CVE-2019-11764

Mozilla Firefox could allow a remote attacker to execute arbitrary code on the system, caused by memory safety bugs within the browser engine. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability using unknown attack...

NA
CVE-2019-11761

Mozilla Firefox could allow a remote attacker to gain unauthorized access to the system, caused by an error when using a form with a data URI. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability to gain access to the...