|
260631
|
- |
|
symantec
|
brightmail_gateway
|
Multiple cross-site scripting (XSS) vulnerabilities in administrative-interface pages in the management console in Symantec Brightmail Gateway 9.5.x allow remote authenticated users to inject arbitra…
|
CWE-79
Cross-site Scripting
|
CVE-2013-1611
|
2013-05-10 13:00 |
2013-05-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260632
|
- |
|
cisco
|
unified_customer_voice_portal
|
The Tomcat Web Management feature in Cisco Unified Customer Voice Portal (CVP) Software before 9.0.1 ES 11 does not properly configure Tomcat components, which allows remote attackers to launch arbit…
|
CWE-16
Configuration
|
CVE-2013-1222
|
2013-05-9 22:54 |
2013-05-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260633
|
- |
|
ibm
|
websphere_datapower_xc10_appliance_firmware
websphere_datapower_xc10_appliance
|
Unspecified vulnerability on IBM WebSphere DataPower XC10 Appliance devices 2.0 and 2.1 through 2.1 FP3 allows remote attackers to bypass authentication and perform administrative actions via unknown…
|
NVD-CWE-noinfo
|
CVE-2013-0600
|
2013-05-9 21:31 |
2013-05-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260634
|
- |
|
invensys
|
wonderware_information_server
|
SQL injection vulnerability in Invensys Wonderware Information Server (WIS) 4.0 SP1SP1, 4.5- Portal, and 5.0- Portal allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
|
CWE-89
SQL Injection
|
CVE-2013-0684
|
2013-05-9 21:31 |
2013-05-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260635
|
- |
|
invensys
|
wonderware_information_server
|
Invensys Wonderware Information Server (WIS) 4.0 SP1SP1, 4.5- Portal, and 5.0- Portal does not restrict unspecified size and amount values, which allows remote attackers to execute arbitrary code or …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-0685
|
2013-05-9 21:31 |
2013-05-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260636
|
- |
|
invensys
|
wonderware_information_server
|
Invensys Wonderware Information Server (WIS) 4.0 SP1SP1, 4.5- Portal, and 5.0- Portal allows remote attackers to read arbitrary files, send HTTP requests to intranet servers, or cause a denial of ser…
|
CWE-20
Improper Input Validation
|
CVE-2013-0686
|
2013-05-9 21:31 |
2013-05-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260637
|
- |
|
invensys
|
wonderware_information_server
|
Cross-site scripting (XSS) vulnerability in Invensys Wonderware Information Server (WIS) 4.0 SP1SP1, 4.5- Portal, and 5.0- Portal allows remote attackers to inject arbitrary web script or HTML via un…
|
CWE-79
Cross-site Scripting
|
CVE-2013-0688
|
2013-05-9 21:31 |
2013-05-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260638
|
- |
|
cisco
|
unified_customer_voice_portal
|
The CallServer component in Cisco Unified Customer Voice Portal (CVP) Software before 9.0.1 ES 11 allows remote attackers to cause a denial of service (call-acceptance outage) via malformed SIP INVIT…
|
NVD-CWE-Other
|
CVE-2013-1220
|
2013-05-9 21:31 |
2013-05-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260639
|
- |
|
cisco
|
unified_customer_voice_portal
|
The Tomcat Web Management feature in Cisco Unified Customer Voice Portal (CVP) Software before 9.0.1 ES 11 does not properly configure Tomcat components, which allows remote attackers to execute arbi…
|
CWE-16
Configuration
|
CVE-2013-1221
|
2013-05-9 21:31 |
2013-05-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260640
|
- |
|
cisco
|
unified_customer_voice_portal
|
The log viewer in Cisco Unified Customer Voice Portal (CVP) Software before 9.0.1 ES 11 does not properly validate an unspecified parameter, which allows remote attackers to read arbitrary files via …
|
CWE-20
Improper Input Validation
|
CVE-2013-1223
|
2013-05-9 21:31 |
2013-05-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
