260521
|
- |
|
wolfgang_ziegler
|
rules
|
Cross-site scripting (XSS) vulnerability in the Rules module 7.x-2.x before 7.x-2.3 for Drupal allows remote authenticated users with the "administer rules" permission to inject arbitrary web script …
|
CWE-79
Cross-site Scripting
|
CVE-2013-1906
|
2013-06-26 00:12 |
2013-06-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260522
|
- |
|
php
|
php
|
The mget function in libmagic/softmagic.c in the Fileinfo component in PHP 5.4.x before 5.4.16 allows remote attackers to cause a denial of service (invalid pointer dereference and application crash)…
|
CWE-20
Improper Input Validation
|
CVE-2013-4636
|
2013-06-25 07:37 |
2013-06-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260523
|
- |
|
canon
|
mg3100_printer mg5300_printer mg6100_printer mp340_printer mp495_printer mx870_printer mx890_printer mx920_printer mx922_printer
|
The Canon MG3100, MG5300, MG6100, MP495, MX340, MX870, MX890, MX920, and MX922 printers allow remote attackers to cause a denial of service (device hang) via a crafted LAN_TXT24 parameter to English/…
|
CWE-20
Improper Input Validation
|
CVE-2013-4615
|
2013-06-25 07:31 |
2013-06-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260524
|
- |
|
canon
|
mg3100_printer mg5300_printer mg6100_printer mp340_printer mp495_printer mx870_printer mx890_printer mx920_printer mx922_printer
|
English/pages_MacUS/wls_set_content.html on the Canon MG3100, MG5300, MG6100, MP495, MX340, MX870, MX890, MX920, and MX922 printers shows the Wi-Fi PSK passphrase in cleartext, which allows physicall…
|
CWE-255
Credentials Management
|
CVE-2013-4614
|
2013-06-25 07:30 |
2013-06-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260525
|
- |
|
canon
|
mg3100_printer mg5300_printer mg6100_printer mp340_printer mp495_printer mx870_printer mx890_printer mx920_printer mx922_printer
|
The default configuration of the administrative interface on the Canon MG3100, MG5300, MG6100, MP495, MX340, MX870, MX890, MX920, and MX922 printers does not require authentication, which allows remo…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-4613
|
2013-06-25 07:28 |
2013-06-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260526
|
- |
|
cisco
|
webex_social
|
Multiple cross-site request forgery (CSRF) vulnerabilities in Cisco WebEx Social allow remote attackers to hijack the authentication of arbitrary users via unspecified vectors, aka Bug IDs CSCuh10405…
|
CWE-352
Origin Validation Error
|
CVE-2013-3392
|
2013-06-25 07:16 |
2013-06-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260527
|
- |
|
wordpress
|
wp_maintenance_mode_plugin
|
Cross-site request forgery (CSRF) vulnerability in the WP Maintenance Mode plugin before 1.8.8 for WordPress allows remote attackers to hijack the authentication of arbitrary users for requests that …
|
CWE-352
Origin Validation Error
|
CVE-2013-3250
|
2013-06-24 13:00 |
2013-06-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260528
|
- |
|
turck
|
bl20_programmable_gateway bl67_programmable_gateway bl20_programmable_gateway_firmware bl67_programmable_gateway_firmware
|
TURCK BL20 Programmable Gateway and BL67 Programmable Gateway have hardcoded accounts, which allows remote attackers to obtain administrative access via an FTP session.
|
CWE-255
Credentials Management
|
CVE-2012-4697
|
2013-06-24 13:00 |
2013-05-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260529
|
- |
|
cisco
|
telepresence_tc_software ip_video_phone_e20 telepresence_codec_c40 telepresence_codec_c60 telepresence_codec_c90 telepresence_ex60 telepresence_ex90 telepresence_mx200 telepre…
|
Cisco TelePresence TC Software before 5.1.7 and TE Software before 4.1.3 allow remote attackers to cause a denial of service (device reload) via crafted SIP packets, aka Bug ID CSCue01743.
|
CWE-399
Resource Management Errors
|
CVE-2013-3377
|
2013-06-22 02:29 |
2013-06-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260530
|
- |
|
huawei
|
seco_versatile_security_manager
|
Huawei Seco Versatile Security Manager (VSM) before V200R002C00SPC300 allows remote authenticated users to gain privileges via a certain change to a group configuration setting.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-4633
|
2013-06-22 01:39 |
2013-06-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|