|
259721
|
- |
|
emc
|
rsa_authentication_agent
|
EMC RSA Authentication Agent for PAM 7.0 before 7.0.2.1 enforces the maximum number of login attempts within the PAM-enabled application codebase, instead of within the Agent codebase, which makes it…
|
CWE-255
Credentials Management
|
CVE-2013-3271
|
2013-10-8 02:56 |
2013-08-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259722
|
- |
|
corporater
|
epm_suite
|
Cross-site scripting (XSS) vulnerability in Corporater EPM Suite allows remote attackers to inject arbitrary web script or HTML via the customerId parameter to an unspecified component.
|
CWE-79
Cross-site Scripting
|
CVE-2013-3584
|
2013-10-8 02:54 |
2013-08-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259723
|
- |
|
samsung
|
smart_viewer
|
Samsung Web Viewer for Samsung DVR devices stores credentials in cleartext, which allows context-dependent attackers to obtain sensitive information via vectors involving (1) direct access to a file …
|
CWE-255
Credentials Management
|
CVE-2013-3585
|
2013-10-8 02:53 |
2013-08-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259724
|
- |
|
ibm
|
sterling_b2b_integrator
sterling_file_gateway
|
Multiple cross-site scripting (XSS) vulnerabilities in IBM Sterling File Gateway 2.2 and Sterling B2B Integrator allow remote authenticated users to inject arbitrary web script or HTML via unspecifie…
|
CWE-79
Cross-site Scripting
|
CVE-2013-2983
|
2013-10-8 02:49 |
2013-07-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259725
|
- |
|
node_access_user_reference_project
|
nodeaccess_userreference_module
|
The Node access user reference module 6.x-3.x before 6.x-3.5 and 7.x-3.x before 7.x-3.10 for Drupal does not properly restrict access to content containing a user reference field when the author upda…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-2123
|
2013-10-8 02:48 |
2013-08-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259726
|
- |
|
crunchify
|
all-in-on-webmaster
|
Cross-site request forgery (CSRF) vulnerability in the All in One Webmaster plugin before 8.2.4 for WordPress allows remote attackers to hijack the authentication of arbitrary users for requests that…
|
CWE-352
Origin Validation Error
|
CVE-2013-2696
|
2013-10-8 02:48 |
2013-04-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259727
|
- |
|
login_security_project
|
login_security
|
The Login Security module 6.x-1.x before 6.x-1.3 and 7.x-1.x before 7.x-1.3 for Drupal, when using the login delay option, allows remote attackers to cause a denial of service (CPU consumption) via a…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-2197
|
2013-10-8 02:46 |
2013-08-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259728
|
- |
|
fast_permissions_administration_project
|
fast_permission_administration
|
The Fast Permissions Administration module 6.x-2.x before 6.x-2.5 and 7.x-2.x before 7.x-2.3 for Drupal does not properly restrict access to the modal content callback, which allows remote attackers …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-2247
|
2013-10-8 02:45 |
2013-08-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259729
|
- |
|
asus
|
rt-n10e_firmware
rt-n10e
|
qis/QIS_finish.htm on the ASUS RT-N10E router with firmware before 2.0.0.25 does not require authentication, which allows remote attackers to discover the administrator password via a direct request.
|
CWE-287
Improper Authentication
|
CVE-2013-3610
|
2013-10-8 01:35 |
2013-10-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259730
|
- |
|
owncloud
|
owncloud
|
Cross-site scripting (XSS) vulnerability in files/ajax/download.php in ownCloud before 3.0.3 allows remote attackers to inject arbitrary web script or HTML via the files parameter, a different vulner…
|
CWE-79
Cross-site Scripting
|
CVE-2012-2398
|
2013-10-8 01:29 |
2012-04-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
