260071
|
- |
|
wordpress
|
wordpress
|
wp-admin/includes/post.php in WordPress before 3.6.1 allows remote authenticated users to spoof the authorship of a post by leveraging the Author role and providing a modified user_ID parameter.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-4340
|
2013-10-2 13:29 |
2013-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260072
|
- |
|
canonical
|
ubuntu_linux
|
A certain Ubuntu build procedure for perf, as distributed in the Linux kernel packages in Ubuntu 10.04 LTS, 12.04 LTS, 12.10, 13.04, and 13.10, sets the HOME environment variable to the ~buildd direc…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-1060
|
2013-10-2 13:23 |
2013-09-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260073
|
- |
|
rockwellautomation
|
rslinx_enterprise
|
Buffer overflow in LogReceiver.exe in Rockwell Automation RSLinx Enterprise CPR9, CPR9-SR1, CPR9-SR2, CPR9-SR3, CPR9-SR4, CPR9-SR5, CPR9-SR5.1, and CPR9-SR6 allows remote attackers to cause a denial …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2012-4715
|
2013-10-2 13:18 |
2013-04-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260074
|
- |
|
x2engine
|
x2crm
|
Directory traversal vulnerability in X2Engine X2CRM before 3.5 allows remote authenticated administrators to include and execute arbitrary local files via a .. (dot dot) in the file parameter to inde…
|
CWE-22
Path Traversal
|
CVE-2013-5692
|
2013-10-2 05:01 |
2013-10-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260075
|
- |
|
cisco
|
unified_computing_system
|
The local file editor in the Baseboard Management Controller (BMC) in Cisco Unified Computing System (UCS) allows local users to gain privileges and modify arbitrary fabric-interconnect files, in the…
|
CWE-20
Improper Input Validation
|
CVE-2012-4096
|
2013-10-2 04:23 |
2013-10-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260076
|
- |
|
argosoft
|
argosoft_mail_server
|
ArGoSoft Mail Server 1.8.1.7 and earlier allows a webmail user to cause a denial of service (CPU consumption) by forwarding the email to the user while autoresponse is enabled, which creates an infin…
|
NVD-CWE-Other
|
CVE-2002-1005
|
2013-10-1 10:22 |
2002-10-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260077
|
- |
|
vmware
|
esx esxi
|
VMware ESXi 4.0 through 5.1, and ESX 4.0 and 4.1, does not properly implement the Network File Copy (NFC) protocol, which allows man-in-the-middle attackers to cause a denial of service (unhandled ex…
|
CWE-20
Improper Input Validation
|
CVE-2013-1661
|
2013-09-30 23:35 |
2013-09-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260078
|
- |
|
trivantis
|
coursemill_learning_management_system
|
Coursemill Learning Management System (LMS) 6.6 does not properly restrict JSP function calls, which allows remote authenticated users to perform arbitrary JSP operations by leveraging the Student ro…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-3601
|
2013-09-30 23:34 |
2013-09-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260079
|
- |
|
open-xchange
|
open-xchange_server
|
Open-Xchange Server before 6.20.7 rev14, 6.22.0 before rev13, and 6.22.1 before rev14 uses the crypt and SHA-1 algorithms for password hashing, which makes it easier for context-dependent attackers t…
|
CWE-255
Credentials Management
|
CVE-2013-1649
|
2013-09-30 23:32 |
2013-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260080
|
- |
|
cisco
|
ios_xe ios
|
The NTP implementation in Cisco IOS 12.0 through 12.4 and 15.0 through 15.1, and IOS XE 2.1 through 3.3, does not properly handle encapsulation of multicast NTP packets within MSDP SA messages, which…
|
CWE-20
Improper Input Validation
|
CVE-2013-5472
|
2013-09-30 23:24 |
2013-09-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|