258831
|
- |
|
7mediaws
|
edutrac
|
Directory traversal vulnerability in 7 Media Web Solutions eduTrac before 1.1.2 allows remote attackers to read arbitrary files via a .. (dot dot) in the showmask parameter to installer/overview.php.
|
CWE-22
Path Traversal
|
CVE-2013-7097
|
2014-02-25 23:05 |
2014-01-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258832
|
- |
|
mybb
|
mybb
|
Cross-site scripting (XSS) vulnerability in misc.php in MyBB (aka MyBulletinBoard) before 1.6.12 allows remote attackers to inject arbitrary web script or HTML via the editor parameter in a smilie li…
|
CWE-79
Cross-site Scripting
|
CVE-2013-7275
|
2014-02-25 23:03 |
2014-01-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258833
|
- |
|
westerndeal wordpress
|
advanced_dewplayer wordpress
|
Directory traversal vulnerability in download-file.php in the Advanced Dewplayer plugin 1.2 for WordPress allows remote attackers to read arbitrary files via a .. (dot dot) in the dew_file parameter.
|
CWE-22
Path Traversal
|
CVE-2013-7240
|
2014-02-25 22:18 |
2014-01-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258834
|
- |
|
apache
|
cloudstack
|
The (1) ListNetworkACL and (2) listNetworkACLLists APIs in Apache CloudStack before 4.2.1 allow remote authenticated users to list network ACLS for other users via a crafted request.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-0031
|
2014-02-25 21:38 |
2014-01-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258835
|
- |
|
icinga
|
icinga
|
Multiple stack-based buffer overflows in Icinga before 1.8.5, 1.9 before 1.9.4, and 1.10 before 1.10.2 allow remote authenticated users to cause a denial of service (crash) and possibly execute arbit…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-7106
|
2014-02-25 21:19 |
2014-01-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258836
|
- |
|
almanah_project
|
almanah
|
Almanah Diary 0.9.0 and 0.10.0 does not encrypt the database when closed, which allows local users to obtain sensitive information by reading the database.
|
CWE-310
Cryptographic Issues
|
CVE-2013-1853
|
2014-02-25 11:44 |
2014-01-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258837
|
- |
|
opsview
|
opsview
|
Cross-site request forgery (CSRF) vulnerability in Opsview before 4.4.2 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.
|
CWE-352
Origin Validation Error
|
CVE-2013-7256
|
2014-02-25 11:17 |
2014-01-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258838
|
- |
|
cs-cart
|
cs-cart
|
Multiple cross-site scripting (XSS) vulnerabilities in CS-Cart before 4.1.1 allow remote attackers to inject arbitrary web script or HTML via the (1) settings_file or (2) data_file parameter to (a) a…
|
CWE-79
Cross-site Scripting
|
CVE-2013-7317
|
2014-02-25 11:14 |
2014-01-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258839
|
- |
|
aphpkb
|
aphpkb
|
Multiple cross-site scripting (XSS) vulnerabilities in register.php in Andy's PHP Knowledgebase (Aphpkb) before 0.95.8 allow remote attackers to inject arbitrary web script or HTML via the (1) first_…
|
CWE-79
Cross-site Scripting
|
CVE-2013-7289
|
2014-02-25 11:01 |
2014-01-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258840
|
- |
|
google
|
chrome
|
Google Chrome through 32.0.1700.23 on Android allows remote attackers to spoof the address bar via unspecified vectors.
|
NVD-CWE-noinfo
|
CVE-2013-6642
|
2014-02-25 10:55 |
2014-01-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|