|
260391
|
- |
|
o-dyn
|
collabtive
|
Multiple cross-site scripting (XSS) vulnerabilities in Collabtive 0.6.5 allow remote attackers to inject arbitrary web script or HTML via the (1) User parameter in the edit user profile feature to ma…
|
CWE-79
Cross-site Scripting
|
CVE-2010-5284
|
2013-08-14 01:58 |
2012-11-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260392
|
- |
|
open-emr
|
openemr
|
Multiple SQL injection vulnerabilities in OpenEMR 4.1.1 allow remote authenticated users to execute arbitrary SQL commands via the (1) start or (2) end parameter to interface/reports/custom_report_ra…
|
CWE-89
SQL Injection
|
CVE-2013-4619
|
2013-08-13 23:05 |
2013-08-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260393
|
- |
|
open-emr
|
openemr
|
Cross-site scripting (XSS) vulnerability in interface/main/onotes/office_comments_full.php in OpenEMR 4.1.1 allows remote attackers to inject arbitrary web script or HTML via the note parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2013-4620
|
2013-08-13 22:56 |
2013-08-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260394
|
- |
|
silverstripe
|
silverstripe
|
Multiple cross-site scripting (XSS) vulnerabilities in the SilverStripe e-commerce module 3.0 for SilverStripe CMS allow remote attackers to inject arbitrary web script or HTML via the (1) FirstName,…
|
CWE-79
Cross-site Scripting
|
CVE-2012-6458
|
2013-08-13 22:10 |
2013-08-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260395
|
- |
|
selinc
|
sel-2241
sel-3505
sel-3530
sel-3530-4
|
Schweitzer Engineering Laboratories (SEL) SEL-2241, SEL-3505, and SEL-3530 RTAC master devices allow physically proximate attackers to cause a denial of service (infinite loop) via crafted input over…
|
CWE-20
Improper Input Validation
|
CVE-2013-2798
|
2013-08-13 05:23 |
2013-08-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260396
|
- |
|
schneider-electric
|
citectscada
powerlogic_scada
vijeo_citect
|
Schneider Electric Vijeo Citect 7.20 and earlier, CitectSCADA 7.20 and earlier, and PowerLogic SCADA 7.20 and earlier allow remote attackers to read arbitrary files, send HTTP requests to intranet se…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-2796
|
2013-08-13 05:21 |
2013-08-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260397
|
- |
|
schneider-electric
|
citectscada
powerlogic_scada
vijeo_citect
|
Per: http://ics-cert.us-cert.gov/advisories/ICSA-13-217-02
"This vulnerability is not exploitable remotely."
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-2796
|
2013-08-13 05:21 |
2013-08-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260398
|
- |
|
selinc
|
sel-2241
sel-3505
sel-3530
sel-3530-4
|
Schweitzer Engineering Laboratories (SEL) SEL-2241, SEL-3505, and SEL-3530 RTAC master devices allow remote attackers to cause a denial of service (infinite loop) via a crafted DNP3 TCP packet.
|
CWE-20
Improper Input Validation
|
CVE-2013-2792
|
2013-08-13 05:00 |
2013-08-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260399
|
- |
|
moxa
|
oncell_gateway_firmware
oncell_gateway_g3111
oncell_gateway_g3151
oncell_gateway_g3211
oncell_gateway_g3251
|
Moxa OnCell Gateway G3111, G3151, G3211, and G3251 devices with firmware before 1.4 do not use a sufficient source of entropy for SSH and SSL keys, which makes it easier for remote attackers to obtai…
|
CWE-310
Cryptographic Issues
|
CVE-2012-3039
|
2013-08-13 04:28 |
2013-08-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260400
|
- |
|
alkacon
|
opencms
|
Multiple cross-site scripting (XSS) vulnerabilities in Alkacon OpenCms before 8.5.2 allow remote attackers to inject arbitrary web script or HTML via the (1) title parameter to system/workplace/views…
|
CWE-79
Cross-site Scripting
|
CVE-2013-4600
|
2013-08-13 02:45 |
2013-08-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
