261281
|
- |
|
gwos
|
groundwork_monitor
|
Multiple SQL injection vulnerabilities in GroundWork Monitor Enterprise 6.7.0 allow remote authenticated users to execute arbitrary SQL commands via (1) nedi/html/System-Export.php, (2) nedi/html/Dev…
|
CWE-89
SQL Injection
|
CVE-2013-3510
|
2013-05-8 21:09 |
2013-05-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
261282
|
- |
|
gwos
|
groundwork_monitor
|
Open redirect vulnerability in the NeDi component in GroundWork Monitor Enterprise 6.7.0 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified …
|
CWE-20
Improper Input Validation
|
CVE-2013-3511
|
2013-05-8 21:09 |
2013-05-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
261283
|
- |
|
gwos
|
groundwork_monitor
|
The Cacti component in GroundWork Monitor Enterprise 6.7.0 does not properly perform authorization checks, which allows remote authenticated users to read or modify configuration settings via unspeci…
|
CWE-20
Improper Input Validation
|
CVE-2013-3512
|
2013-05-8 21:09 |
2013-05-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
261284
|
- |
|
gwos
|
groundwork_monitor
|
Multiple cross-site request forgery (CSRF) vulnerabilities in the Noma component in GroundWork Monitor Enterprise 6.7.0 allow remote attackers to hijack the authentication of unspecified victims for …
|
CWE-352
Origin Validation Error
|
CVE-2013-3513
|
2013-05-8 21:09 |
2013-05-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
261285
|
- |
|
emc
|
rsa_archer_egrc rsa_archer_smartsuite
|
EMC RSA Archer 5.x before GRC 5.3SP1, and Archer Smart Suite Framework 4.x, allows remote authenticated users to bypass intended access restrictions and modify global reports via unspecified vectors.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-0934
|
2013-05-7 21:56 |
2013-05-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
261286
|
- |
|
emc
|
rsa_archer_egrc rsa_archer_smartsuite
|
Multiple cross-site scripting (XSS) vulnerabilities in EMC RSA Archer 5.x before GRC 5.3SP1, and Archer Smart Suite Framework 4.x, allow remote attackers to inject arbitrary web script or HTML via un…
|
CWE-79
Cross-site Scripting
|
CVE-2013-0933
|
2013-05-7 21:51 |
2013-05-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
261287
|
- |
|
emc
|
rsa_archer_egrc rsa_archer_smartsuite
|
EMC RSA Archer 5.x before GRC 5.3SP1, and Archer Smart Suite Framework 4.x, allows remote authenticated users to bypass intended access restrictions and upload arbitrary files via unspecified vectors.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-0932
|
2013-05-7 21:49 |
2013-05-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
261288
|
- |
|
redhat
|
jboss_enterprise_application_platform
|
JBoss Enterprise Application Platform (aka JBoss EAP or JBEAP) before 6.0.1, when using role-based authorization for Enterprise Java Beans (EJB) access, does not call the intended authorization modul…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-4550
|
2013-05-7 13:00 |
2013-01-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
261289
|
- |
|
redhat
|
jboss_enterprise_application_platform
|
Per https://bugzilla.redhat.com/show_bug.cgi?id=870871#c7
"This issue did not affect JBoss Enterprise Application Platform versions 4.x and 5.x."
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-4550
|
2013-05-7 13:00 |
2013-01-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
261290
|
- |
|
google
|
authenticator
|
pam_google_authenticator.c in the PAM module in Google Authenticator before 1.0 requires user-readable permissions for the secret file, which allows local users to bypass intended access restrictions…
|
CWE-200
Information Exposure
|
CVE-2012-6140
|
2013-05-7 13:00 |
2013-04-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|