|
257641
|
- |
|
xyzscripts
|
newsletter_manager
|
Cross-site scripting (XSS) vulnerability in admin/test_mail.php in the Newsletter Manager plugin 1.0.2 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the…
|
CWE-79
Cross-site Scripting
|
CVE-2012-6627
|
2014-01-18 03:35 |
2014-01-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257642
|
- |
|
cisco
|
webex_meetings_server
|
The web portal in the Enterprise License Manager component in Cisco WebEx Meetings Server allows remote authenticated users to discover the cleartext administrative password by reading HTML source co…
|
CWE-255
Credentials Management
|
CVE-2013-6687
|
2014-01-18 00:12 |
2014-01-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257643
|
- |
|
wireshark
|
wireshark
|
epan/dissectors/packet-bssgp.c in the BSSGP dissector in Wireshark 1.10.x before 1.10.4 incorrectly relies on a global variable, which allows remote attackers to cause a denial of service (applicatio…
|
CWE-20
Improper Input Validation
|
CVE-2013-7113
|
2014-01-17 14:20 |
2013-12-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257644
|
- |
|
symantec
|
web_gateway
web_gateway_appliance_8450
web_gateway_appliance_8490
|
Multiple cross-site scripting (XSS) vulnerabilities in the management console on the Symantec Web Gateway (SWG) appliance before 5.1.1 allow remote attackers to inject arbitrary web script or HTML vi…
|
CWE-79
Cross-site Scripting
|
CVE-2013-4670
|
2014-01-17 14:17 |
2013-08-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257645
|
- |
|
symantec
|
web_gateway
web_gateway_appliance_8450
web_gateway_appliance_8490
|
Cross-site request forgery (CSRF) vulnerability in the management console on the Symantec Web Gateway (SWG) appliance before 5.1.1 allows remote authenticated users to hijack the authentication of un…
|
CWE-352
Origin Validation Error
|
CVE-2013-4671
|
2014-01-17 14:17 |
2013-08-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257646
|
- |
|
symantec
|
web_gateway
web_gateway_appliance_8450
web_gateway_appliance_8490
|
The management console on the Symantec Web Gateway (SWG) appliance before 5.1.1 has an incorrect sudoers file, which allows local users to bypass intended access restrictions via a command.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-4672
|
2014-01-17 14:17 |
2013-08-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257647
|
- |
|
symantec
|
web_gateway
web_gateway_appliance_8450
web_gateway_appliance_8490
|
The management console on the Symantec Web Gateway (SWG) appliance before 5.1.1 allows remote attackers to execute arbitrary commands by injecting a command into an application script.
|
CWE-78
OS Command
|
CVE-2013-1616
|
2014-01-17 14:13 |
2013-08-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257648
|
- |
|
symantec
|
web_gateway
web_gateway_appliance_8450
web_gateway_appliance_8490
|
Multiple SQL injection vulnerabilities in the management console on the Symantec Web Gateway (SWG) appliance before 5.1.1 allow remote authenticated administrators to execute arbitrary SQL commands v…
|
CWE-89
SQL Injection
|
CVE-2013-1617
|
2014-01-17 14:13 |
2013-08-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257649
|
- |
|
stunnel
|
stunnel
|
stunnel 4.21 through 4.54, when CONNECT protocol negotiation and NTLM authentication are enabled, does not correctly perform integer conversion, which allows remote proxy servers to execute arbitrary…
|
CWE-94
Code Injection
|
CVE-2013-1762
|
2014-01-17 14:13 |
2013-03-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257650
|
- |
|
wellintech
|
kingalarm\&event
kinggraphic
kingscada
|
An unspecified ActiveX control in WellinTech KingSCADA before 3.1.2, KingAlarm&Event before 3.1, and KingGraphic before 3.1.2 allows remote attackers to download arbitrary DLL code onto a client mach…
|
CWE-94
Code Injection
|
CVE-2013-2827
|
2014-01-17 02:21 |
2014-01-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
