|
260931
|
- |
|
novell
|
groupwise
|
Directory traversal vulnerability in the agent HTTP interfaces in Novell GroupWise 8.0 before Support Pack 3 and 2012 before Support Pack 1 allows remote attackers to read arbitrary files via directo…
|
CWE-22
Path Traversal
|
CVE-2012-0419
|
2013-04-5 12:07 |
2012-09-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260932
|
- |
|
tedfelix
|
acpid2
|
event.c in acpid (aka acpid2) before 2.0.11 does not have an appropriate umask setting during execution of event-handler scripts, which might allow local users to (1) perform write operations within …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2011-4578
|
2013-04-5 12:06 |
2012-08-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260933
|
- |
|
igor_vlasenko
|
html-template-pro
|
Cross-site scripting (XSS) vulnerability in the HTML-Template-Pro module before 0.9507 for Perl allows remote attackers to inject arbitrary web script or HTML via template parameters, related to impr…
|
CWE-79
Cross-site Scripting
|
CVE-2011-4616
|
2013-04-5 12:06 |
2012-01-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260934
|
- |
|
novell
|
groupwise
|
The iCalendar component in gwwww1.dll in GroupWise Internet Agent (GWIA) in Novell GroupWise 8.0 before Support Pack 3 allows remote attackers to cause a denial of service (out-of-bounds read and dae…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2011-3827
|
2013-04-5 12:05 |
2012-09-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260935
|
- |
|
rdesktop
|
rdesktop
|
Directory traversal vulnerability in the disk_create function in disk.c in rdesktop before 1.7.0, when disk redirection is enabled, allows remote RDP servers to read or overwrite arbitrary files via …
|
CWE-22
Path Traversal
|
CVE-2011-1595
|
2013-04-5 12:01 |
2011-05-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260936
|
- |
|
invensys
|
wonderware_win-xml_exporter
|
Invensys Wonderware Win-XML Exporter 1522.148.0.0 allows remote attackers to read arbitrary files, send HTTP requests to intranet servers, or cause a denial of service (CPU and memory consumption) vi…
|
CWE-20
Improper Input Validation
|
CVE-2012-4710
|
2013-04-5 02:50 |
2013-04-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260937
|
- |
|
schneider-electric
|
modicon_m340
|
The Schneider Electric M340 BMXNOE01xx and BMXP3420xx PLC modules allow remote authenticated users to cause a denial of service (module crash) via crafted FTP traffic, as demonstrated by the FileZill…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-2761
|
2013-04-4 22:56 |
2013-04-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260938
|
- |
|
schneider-electric
|
modicon_quantum_plc
modicon_m340
modicon_premium
|
The FactoryCast service on the Schneider Electric Quantum 140NOE77111 and 140NWM10000, M340 BMXNOE0110x, and Premium TSXETY5103 PLC modules allows remote authenticated users to send Modbus messages, …
|
NVD-CWE-noinfo
|
CVE-2013-0664
|
2013-04-4 22:43 |
2013-04-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260939
|
- |
|
schneider-electric
|
magelis_xbt_hmi
|
The Schneider Electric Magelis XBT HMI controller has a default password for authentication of configuration uploads, which makes it easier for remote attackers to bypass intended access restrictions…
|
CWE-255
CWE-352
Credentials Management
Origin Validation Error
|
CVE-2013-2762
|
2013-04-4 20:58 |
2013-04-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260940
|
- |
|
joe_haskins
|
og_manager_change
|
Cross-site scripting (XSS) vulnerability in the Manager Change for Organic Groups (og_manager_change) module 7.x-2.x before 7.x-2.1 for Drupal might allow remote attackers to inject arbitrary web scr…
|
CWE-79
Cross-site Scripting
|
CVE-2013-0317
|
2013-04-4 13:00 |
2013-03-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
