|
259721
|
- |
|
cisco
|
unified_communications_manager
|
Cross-site request forgery (CSRF) vulnerability in the Unified Serviceability component in Cisco Unified Communications Manager (CUCM) allows remote attackers to hijack the authentication of arbitrar…
|
CWE-352
Origin Validation Error
|
CVE-2013-3397
|
2013-10-12 02:09 |
2013-06-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259722
|
- |
|
kent-web
|
post-mail
|
Cross-site scripting (XSS) vulnerability in KENT-WEB POST-MAIL before 6.7, when Internet Explorer 7 or earlier is used, allows remote attackers to inject arbitrary web script or HTML via an unspecifi…
|
CWE-79
Cross-site Scripting
|
CVE-2013-3648
|
2013-10-12 02:06 |
2013-06-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259723
|
- |
|
lockon
|
ec-cube
|
LOCKON EC-CUBE 2.11.2 through 2.12.4 allows remote attackers to conduct unspecified PHP code-injection attacks via a crafted string, related to data/class/SC_CheckError.php and data/class/SC_FormPara…
|
CWE-94
Code Injection
|
CVE-2013-3651
|
2013-10-12 02:04 |
2013-07-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259724
|
- |
|
lockon
|
ec-cube
|
Directory traversal vulnerability in the lfCheckFileName function in data/class/pages/LC_Page_ResizeImage.php in LOCKON EC-CUBE before 2.12.5 allows remote attackers to read arbitrary image files via…
|
CWE-22
Path Traversal
|
CVE-2013-3650
|
2013-10-12 02:03 |
2013-07-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259725
|
- |
|
kent-web
|
clip-mail
|
Cross-site scripting (XSS) vulnerability in KENT-WEB CLIP-MAIL before 3.4, when Internet Explorer 7 or earlier is used, allows remote attackers to inject arbitrary web script or HTML via an unspecifi…
|
CWE-79
Cross-site Scripting
|
CVE-2013-3649
|
2013-10-12 02:01 |
2013-06-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259726
|
- |
|
choice_wireless
|
wixfmr-111
|
ajax.cgi in the web interface on the Choice Wireless Green Packet WIXFMR-111 4G WiMax modem allows remote attackers to obtain sensitive information via an Ajax (1) wmxState or (2) netState request.
|
CWE-287
Improper Authentication
|
CVE-2013-3581
|
2013-10-12 01:55 |
2013-07-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259727
|
- |
|
lockon
|
ec-cube
|
Cross-site scripting (XSS) vulnerability in data/class/pages/products/LC_Page_Products_List.php in LOCKON EC-CUBE 2.11.0 through 2.12.4 allows remote attackers to inject arbitrary web script or HTML …
|
CWE-79
Cross-site Scripting
|
CVE-2013-3652
|
2013-10-12 01:50 |
2013-07-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259728
|
- |
|
lockon
|
ec-cube
|
Directory traversal vulnerability in LOCKON EC-CUBE 2.12.0 through 2.12.4 allows remote attackers to read arbitrary image files via vectors related to data/class/SC_CheckError.php and data/class/SC_F…
|
CWE-22
Path Traversal
|
CVE-2013-3654
|
2013-10-12 01:50 |
2013-07-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259729
|
- |
|
lockon
|
ec-cube
|
Multiple cross-site scripting (XSS) vulnerabilities in the RecommendSearch feature in the management screen in LOCKON EC-CUBE before 2.12.5 allow remote attackers to inject arbitrary web script or HT…
|
CWE-79
Cross-site Scripting
|
CVE-2013-3653
|
2013-10-12 01:49 |
2013-07-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259730
|
- |
|
emc
|
replication_manager
|
EMC Replication Manager (RM) before 5.4.4 places encoded passwords in application log files, which makes it easier for local users to obtain sensitive information by reading a file and conducting an …
|
CWE-255
Credentials Management
|
CVE-2013-3272
|
2013-10-12 00:51 |
2013-07-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
