|
261091
|
- |
|
google
|
picasa
|
Multiple buffer overflows in Google Picasa have unspecified attack vectors and impact. NOTE: this information is based upon a vague pre-advisory.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2007-4823
|
2013-07-5 14:45 |
2007-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261092
|
- |
|
lianja
|
lianja_sql_server
|
Stack-based buffer overflow in db_netserver in Lianja SQL Server before 1.0.0RC5.2 allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a crafted…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-3563
|
2013-07-5 13:00 |
2013-07-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261093
|
- |
|
mongodb
|
mongodb
|
MongoDB 2.4.x before 2.4.5 and 2.5.x before 2.5.1 allows remote authenticated users to obtain internal system privileges by leveraging a username of __system in an arbitrary database.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-4650
|
2013-07-5 13:00 |
2013-07-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261094
|
- |
|
phpmyadmin
|
phpmyadmin
|
import.php in phpMyAdmin 4.x before 4.0.4.1 does not properly restrict the ability of input data to specify a file format, which allows remote authenticated users to modify the GLOBALS superglobal ar…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-4729
|
2013-07-5 13:00 |
2013-07-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261095
|
- |
|
redhat
|
enterprise_virtualization_manager
|
Red Hat Enterprise Virtualization Manager (RHEVM) before 3.2 does not properly check permissions for the target storage domain, which allows attackers to cause a denial of service (disk space consump…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-2144
|
2013-07-5 04:13 |
2013-07-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261096
|
- |
|
aretimes
|
com_maianmedia
|
SQL injection vulnerability in the Maian Media Silver (com_maianmedia) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the cat parameter in a music action to index…
|
CWE-89
SQL Injection
|
CVE-2010-4739
|
2013-07-4 16:13 |
2011-02-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261097
|
- |
|
apache
|
rave
|
The users/get program in the User RPC API in Apache Rave 0.11 through 0.20 allows remote authenticated users to obtain sensitive information about all user accounts via the offset parameter, as demon…
|
CWE-200
Information Exposure
|
CVE-2013-1814
|
2013-07-4 02:03 |
2013-03-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261098
|
- |
|
apple
|
mac_os_x
mac_os_x_server
|
load_webdav in Apple Mac OS X 10.3.9 through 10.4.9 does not properly clean the environment when mounting a WebDAV filesystem, which allows local users to gain privileges by setting unspecified envir…
|
NVD-CWE-Other
|
CVE-2007-0747
|
2013-07-4 00:33 |
2007-04-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261099
|
- |
|
onlinetechtools.com
|
owos_lite
|
SQL injection vulnerability in search.asp in Online Work Order Suite (OWOS) Lite Edition for ASP 3.0 allows remote attackers to execute arbitrary SQL commands via the keyword parameter.
|
NVD-CWE-Other
|
CVE-2005-3852
|
2013-07-3 23:48 |
2005-11-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261100
|
- |
|
boxes_project
|
boxes
|
Cross-site scripting (XSS) vulnerability in the Boxes module 7.x-1.x before 7.x-1.1 for Drupal allows remote authenticated users with administer or edit boxes permissions to inject arbitrary web scri…
|
CWE-79
Cross-site Scripting
|
CVE-2013-0259
|
2013-07-3 13:29 |
2013-03-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
