258851
|
- |
|
mybb
|
mybb
|
Cross-site scripting (XSS) vulnerability in the mycode_parse_video function in inc/class_parser.php in MyBB (aka MyBulletinBoard) before 1.6.12 allows remote attackers to inject arbitrary web script …
|
CWE-79
Cross-site Scripting
|
CVE-2013-7288
|
2014-02-25 23:47 |
2014-01-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258852
|
- |
|
dotnetblogengine
|
blogengine.net
|
BlogEngine.NET 2.8.0.0 and earlier allows remote attackers to read usernames and password hashes via a request for the sioc.axd file.
|
CWE-200
Information Exposure
|
CVE-2013-6953
|
2014-02-25 23:38 |
2014-01-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258853
|
- |
|
xen
|
xen
|
Xen, when using x86 Intel processors and the VMX virtualization extension is enabled, does not properly handle cpuid instruction emulation when exiting the VM, which allows local guest users to cause…
|
NVD-CWE-noinfo
|
CVE-2011-1936
|
2014-02-25 23:10 |
2014-01-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258854
|
- |
|
7mediaws
|
edutrac
|
Directory traversal vulnerability in 7 Media Web Solutions eduTrac before 1.1.2 allows remote attackers to read arbitrary files via a .. (dot dot) in the showmask parameter to installer/overview.php.
|
CWE-22
Path Traversal
|
CVE-2013-7097
|
2014-02-25 23:05 |
2014-01-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258855
|
- |
|
mybb
|
mybb
|
Cross-site scripting (XSS) vulnerability in misc.php in MyBB (aka MyBulletinBoard) before 1.6.12 allows remote attackers to inject arbitrary web script or HTML via the editor parameter in a smilie li…
|
CWE-79
Cross-site Scripting
|
CVE-2013-7275
|
2014-02-25 23:03 |
2014-01-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258856
|
- |
|
westerndeal wordpress
|
advanced_dewplayer wordpress
|
Directory traversal vulnerability in download-file.php in the Advanced Dewplayer plugin 1.2 for WordPress allows remote attackers to read arbitrary files via a .. (dot dot) in the dew_file parameter.
|
CWE-22
Path Traversal
|
CVE-2013-7240
|
2014-02-25 22:18 |
2014-01-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258857
|
- |
|
apache
|
cloudstack
|
The (1) ListNetworkACL and (2) listNetworkACLLists APIs in Apache CloudStack before 4.2.1 allow remote authenticated users to list network ACLS for other users via a crafted request.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-0031
|
2014-02-25 21:38 |
2014-01-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258858
|
- |
|
icinga
|
icinga
|
Multiple stack-based buffer overflows in Icinga before 1.8.5, 1.9 before 1.9.4, and 1.10 before 1.10.2 allow remote authenticated users to cause a denial of service (crash) and possibly execute arbit…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-7106
|
2014-02-25 21:19 |
2014-01-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258859
|
- |
|
almanah_project
|
almanah
|
Almanah Diary 0.9.0 and 0.10.0 does not encrypt the database when closed, which allows local users to obtain sensitive information by reading the database.
|
CWE-310
Cryptographic Issues
|
CVE-2013-1853
|
2014-02-25 11:44 |
2014-01-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258860
|
- |
|
opsview
|
opsview
|
Cross-site request forgery (CSRF) vulnerability in Opsview before 4.4.2 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.
|
CWE-352
Origin Validation Error
|
CVE-2013-7256
|
2014-02-25 11:17 |
2014-01-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|