261031
|
- |
|
opera
|
opera_browser
|
Opera before 12.15 does not properly block top-level domains in Set-Cookie headers, which allows remote attackers to obtain sensitive information by leveraging control of a different web site in the …
|
CWE-200
Information Exposure
|
CVE-2013-3210
|
2013-04-22 22:30 |
2013-04-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
261032
|
- |
|
pd-admin
|
pd-admin
|
Multiple cross-site scripting (XSS) vulnerabilities in pd-admin before 4.17 allow remote authenticated users to inject arbitrary web script or HTML via (1) the WebFTP Overview "Create new directory" …
|
CWE-79
Cross-site Scripting
|
CVE-2013-0129
|
2013-04-22 13:00 |
2013-04-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
261033
|
- |
|
bitberry_software
|
bitzipper
|
BitZipper 2013 before Update 1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted ZIP archive.
|
NVD-CWE-Other
|
CVE-2013-0138
|
2013-04-22 13:00 |
2013-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
261034
|
- |
|
lester_chan
|
wp-downloadmanager
|
Cross-site request forgery (CSRF) vulnerability in the WP-DownloadManager plugin before 1.61 for WordPress allows remote attackers to hijack the authentication of arbitrary users for requests that in…
|
CWE-352
Origin Validation Error
|
CVE-2013-2697
|
2013-04-22 13:00 |
2013-04-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
261035
|
- |
|
opera
|
opera_browser
|
Unspecified vulnerability in Opera before 12.15 has unknown impact and attack vectors, related to a "moderately severe issue."
|
NVD-CWE-noinfo
|
CVE-2013-3211
|
2013-04-22 13:00 |
2013-04-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
261036
|
- |
|
parallels
|
parallels_plesk_panel
|
The suexec implementation in Parallels Plesk Panel 11.0.9 contains a cgi-wrapper whitelist entry, which allows user-assisted remote attackers to execute arbitrary PHP code via a request containing cr…
|
CWE-94
Code Injection
|
CVE-2013-0132
|
2013-04-19 13:00 |
2013-04-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
261037
|
- |
|
parallels
|
parallels_plesk_panel
|
Untrusted search path vulnerability in /usr/local/psa/admin/sbin/wrapper in Parallels Plesk Panel 11.0.9 allows local users to gain privileges via a crafted PATH environment variable.
|
NVD-CWE-Other
|
CVE-2013-0133
|
2013-04-19 13:00 |
2013-04-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
261038
|
- |
|
parallels
|
parallels_plesk_panel
|
Per: http://cwe.mitre.org/data/definitions/426.html
'CWE-426: Untrusted Search Path'
|
NVD-CWE-Other
|
CVE-2013-0133
|
2013-04-19 13:00 |
2013-04-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
261039
|
- |
|
arecont
|
vision_av1355dn_megadome_camera
|
The Arecont Vision AV1355DN MegaDome camera allows remote attackers to cause a denial of service (video-capture outage) via a packet to UDP port 69.
|
NVD-CWE-noinfo
|
CVE-2013-0139
|
2013-04-19 13:00 |
2013-04-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
261040
|
- |
|
cisco
|
telepresence_mcu_4500_series_software telepresence_mcu_4505 telepresence_mcu_4510 telepresence_mcu_4515 telepresence_mcu_4520 telepresence_mcu_4501_series_software telepresence_mcu_…
|
The DSP card on Cisco TelePresence MCU 4500 and 4501 devices before 4.3(2.30), TelePresence MCU MSE 8510 devices before 4.3(2.30), and TelePresence Server before 2.3(1.55) does not properly validate …
|
CWE-20
Improper Input Validation
|
CVE-2013-1176
|
2013-04-19 13:00 |
2013-04-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|