|
259031
|
- |
|
x2engine
|
x2crm
|
Directory traversal vulnerability in X2Engine X2CRM before 3.5 allows remote authenticated administrators to include and execute arbitrary local files via a .. (dot dot) in the file parameter to inde…
|
CWE-22
Path Traversal
|
CVE-2013-5692
|
2013-10-2 05:01 |
2013-10-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259032
|
- |
|
cisco
|
unified_computing_system
|
The local file editor in the Baseboard Management Controller (BMC) in Cisco Unified Computing System (UCS) allows local users to gain privileges and modify arbitrary fabric-interconnect files, in the…
|
CWE-20
Improper Input Validation
|
CVE-2012-4096
|
2013-10-2 04:23 |
2013-10-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259033
|
- |
|
argosoft
|
argosoft_mail_server
|
ArGoSoft Mail Server 1.8.1.7 and earlier allows a webmail user to cause a denial of service (CPU consumption) by forwarding the email to the user while autoresponse is enabled, which creates an infin…
|
NVD-CWE-Other
|
CVE-2002-1005
|
2013-10-1 10:22 |
2002-10-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259034
|
- |
|
vmware
|
esx
esxi
|
VMware ESXi 4.0 through 5.1, and ESX 4.0 and 4.1, does not properly implement the Network File Copy (NFC) protocol, which allows man-in-the-middle attackers to cause a denial of service (unhandled ex…
|
CWE-20
Improper Input Validation
|
CVE-2013-1661
|
2013-09-30 23:35 |
2013-09-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259035
|
- |
|
trivantis
|
coursemill_learning_management_system
|
Coursemill Learning Management System (LMS) 6.6 does not properly restrict JSP function calls, which allows remote authenticated users to perform arbitrary JSP operations by leveraging the Student ro…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-3601
|
2013-09-30 23:34 |
2013-09-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259036
|
- |
|
open-xchange
|
open-xchange_server
|
Open-Xchange Server before 6.20.7 rev14, 6.22.0 before rev13, and 6.22.1 before rev14 uses the crypt and SHA-1 algorithms for password hashing, which makes it easier for context-dependent attackers t…
|
CWE-255
Credentials Management
|
CVE-2013-1649
|
2013-09-30 23:32 |
2013-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259037
|
- |
|
cisco
|
ios_xe
ios
|
The NTP implementation in Cisco IOS 12.0 through 12.4 and 15.0 through 15.1, and IOS XE 2.1 through 3.3, does not properly handle encapsulation of multicast NTP packets within MSDP SA messages, which…
|
CWE-20
Improper Input Validation
|
CVE-2013-5472
|
2013-09-30 23:24 |
2013-09-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259038
|
- |
|
dell
|
idrac6_bmc
|
The Dell iDRAC6 with firmware 1.x before 1.92 and 2.x and 3.x before 3.42, and iDRAC7 with firmware before 1.23.23, allows remote attackers to bypass authentication and execute arbitrary IPMI command…
|
CWE-287
Improper Authentication
|
CVE-2013-4783
|
2013-09-27 12:47 |
2013-07-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259039
|
- |
|
dell
|
idrac6_firmware
|
The web interface on the Dell iDRAC6 with firmware before 1.95 allows remote attackers to modify the CLP interface for arbitrary users and possibly have other impact via a request to an unspecified f…
|
NVD-CWE-noinfo
|
CVE-2013-4785
|
2013-09-27 12:47 |
2013-07-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259040
|
- |
|
apple
|
iphone_os
|
Passcode Lock in Apple iOS before 7 does not properly manage the lock state, which allows physically proximate attackers to bypass an intended passcode requirement by leveraging a race condition invo…
|
CWE-362
Race Condition
|
CVE-2013-5147
|
2013-09-27 12:47 |
2013-09-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
