261101
|
- |
|
zeroclipboard_project
|
zeroclipboard
|
Cross-site scripting (XSS) vulnerability in ZeroClipboard before 1.1.4 allows remote attackers to inject arbitrary web script or HTML via "the clipText returned from the flash object," a different vu…
|
CWE-79
Cross-site Scripting
|
CVE-2012-6550
|
2013-07-3 13:29 |
2013-04-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
261102
|
- |
|
cisco
|
telepresence_tc_software
|
The SIP implementation in Cisco TelePresence TC Software allows remote attackers to trigger unintended use of NOTIFY messages via unspecified vectors, aka Bug ID CSCud96080.
|
NVD-CWE-noinfo
|
CVE-2013-3401
|
2013-07-2 13:00 |
2013-07-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
261103
|
- |
|
kurt_gusbeth
|
myquizpoll
|
SQL injection vulnerability in the My quiz and poll (myquizpoll) extension before 2.0.6 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
|
CWE-89
SQL Injection
|
CVE-2013-4745
|
2013-07-2 13:00 |
2013-07-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
261104
|
- |
|
kurt_gusbeth
|
myquizpoll
|
Cross-site scripting (XSS) vulnerability in the My quiz and poll (myquizpoll) extension before 2.0.6 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2013-4746
|
2013-07-2 13:00 |
2013-07-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
261105
|
- |
|
digital_alert_systems monroe_electronics
|
dasdec_eas r189_one-net_eas
|
The Digital Alert Systems DASDEC EAS device before 2.0-2 and the Monroe Electronics R189 One-Net EAS device before 2.0-2 have a default password for an administrative account, which makes it easier f…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-4735
|
2013-07-2 03:48 |
2013-07-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
261106
|
- |
|
digital_alert_systems monroe_electronics
|
dasdec_eas r189_one-net_eas
|
dasdec_mkuser on the Digital Alert Systems DASDEC EAS device before 2.0-2 and the Monroe Electronics R189 One-Net EAS device before 2.0-2 generates predictable passwords, which might make it easier f…
|
NVD-CWE-noinfo
|
CVE-2013-4734
|
2013-07-2 03:45 |
2013-07-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
261107
|
- |
|
ds3
|
authentication_server
|
ServerAdmin/ErrorViewer.jsp in DS3 Authentication Server allow remote attackers to inject arbitrary error-page text via the message parameter.
|
CWE-20
Improper Input Validation
|
CVE-2013-4098
|
2013-07-2 02:14 |
2013-06-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
261108
|
- |
|
ds3
|
authentication_server
|
ServerAdmin/TestDRConnection.jsp in DS3 Authentication Server allows remote attackers to obtain sensitive information via a direct request, which reveals the installation path in a -REG-E-OPEN error …
|
CWE-22
Path Traversal
|
CVE-2013-4097
|
2013-07-2 02:13 |
2013-06-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
261109
|
- |
|
ds3
|
authentication_server
|
ServerAdmin/TestTelnetConnection.jsp in DS3 Authentication Server allows remote authenticated users to execute arbitrary commands via shell metacharacters in the HOST_NAME field.
|
CWE-20
Improper Input Validation
|
CVE-2013-4096
|
2013-07-2 02:02 |
2013-06-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
261110
|
- |
|
imperva
|
securesphere
|
plain/actionsets.html in the SecureSphere Operations Manager (SOM) Management Server in Imperva SecureSphere 9.0.0.5 allows remote authenticated users to execute arbitrary commands via a task with a …
|
CWE-20
Improper Input Validation
|
CVE-2013-4095
|
2013-07-2 01:54 |
2013-06-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|