260091
|
- |
|
open-xchange
|
open-xchange_appsuite open-xchange_server
|
CRLF injection vulnerability in the redirect servlet in Open-Xchange AppSuite and Server before 6.22.0 rev15, 6.22.1 before rev17, 7.0.1 before rev6, and 7.0.2 before rev7 allows remote attackers to …
|
CWE-94
Code Injection
|
CVE-2013-2582
|
2013-09-27 01:47 |
2013-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260092
|
- |
|
sharethis
|
sharethis
|
Cross-site request forgery (CSRF) vulnerability in the ShareThis plugin before 7.0.6 for WordPress allows remote attackers to hijack the authentication of administrators for requests that modify this…
|
CWE-352
Origin Validation Error
|
CVE-2013-3479
|
2013-09-27 01:47 |
2013-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260093
|
- |
|
open-xchange
|
open-xchange_appsuite open-xchange_server
|
Multiple cross-site scripting (XSS) vulnerabilities in Open-Xchange AppSuite and Server before 6.20.7 rev16, 6.22.0 before rev15, 6.22.1 before rev17, 7.0.1 before rev6, and 7.0.2 before rev7 allow r…
|
CWE-79
Cross-site Scripting
|
CVE-2013-2583
|
2013-09-27 01:44 |
2013-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260094
|
- |
|
open-xchange
|
open-xchange_server
|
Directory traversal vulnerability in Open-Xchange Server before 6.20.7 rev14, 6.22.0 before rev13, and 6.22.1 before rev14 allows remote authenticated users to read arbitrary files via a .. (dot dot)…
|
CWE-22
Path Traversal
|
CVE-2013-1645
|
2013-09-27 01:42 |
2013-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260095
|
- |
|
emc
|
rsa_archer_egrc
|
EMC RSA Archer GRC 5.x before 5.4 allows remote authenticated users to bypass intended access restrictions and complete a login by leveraging a deactivated account.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-3276
|
2013-09-27 01:41 |
2013-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260096
|
- |
|
open-xchange
|
open-xchange_server
|
Multiple CRLF injection vulnerabilities in Open-Xchange Server before 6.20.7 rev14, 6.22.0 before rev13, and 6.22.1 before rev14 allow remote attackers to inject arbitrary HTTP headers and conduct HT…
|
CWE-94
Code Injection
|
CVE-2013-1647
|
2013-09-27 01:38 |
2013-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260097
|
- |
|
open-xchange
|
open-xchange_server
|
Multiple cross-site scripting (XSS) vulnerabilities in Open-Xchange Server before 6.20.7 rev14, 6.22.0 before rev13, and 6.22.1 before rev14 allow remote attackers to inject arbitrary web script or H…
|
CWE-79
Cross-site Scripting
|
CVE-2013-1646
|
2013-09-27 01:37 |
2013-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260098
|
- |
|
open-xchange
|
open-xchange_appsuite
|
Open-Xchange AppSuite before 7.0.2 rev14, 7.2.0 before rev11, 7.2.1 before rev10, and 7.2.2 before rev9 relies on user-supplied data to predict the IMAP server hostname for an external domain name, w…
|
CWE-255
Credentials Management
|
CVE-2013-4790
|
2013-09-27 01:36 |
2013-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260099
|
- |
|
open-xchange
|
open-xchange_server
|
Open-Xchange Server before 6.20.7 rev14, 6.22.0 before rev13, and 6.22.1 before rev14 uses weak permissions (group "other" readable) under opt/open-xchange/etc/, which allows local users to obtain se…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-1650
|
2013-09-27 01:20 |
2013-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260100
|
- |
|
matrikonopc
|
scada_dnp3_opc_server
|
MatrikonOPC SCADA DNP3 OPC Server 1.2.0 allows remote attackers to cause a denial of service (master-station daemon crash) via a malformed DNP3 TCP packet from the IP address of an outstation.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-2791
|
2013-09-27 01:17 |
2013-09-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|