|
259471
|
- |
|
openstack
|
havana
grizzly
folsom
|
The XenAPI backend in OpenStack Compute (Nova) Folsom, Grizzly, and Havana before 2013.2 does not properly apply security groups (1) when resizing an image or (2) during live migration, which allows …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-4497
|
2013-11-7 10:11 |
2013-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259472
|
- |
|
opsview
|
opsview
|
SQL injection vulnerability in status/service/acknowledge in Opsview before 4.4.1 allows remote attackers to execute arbitrary SQL commands via the service_selection parameter.
|
CWE-89
SQL Injection
|
CVE-2013-5694
|
2013-11-7 10:03 |
2013-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259473
|
- |
|
opsview
|
opsview
|
Multiple cross-site scripting (XSS) vulnerabilities in Opsview before 4.4.1 allow remote attackers to inject arbitrary web script or HTML via the (1) id parameter to admin/auditlog/, (2) PATH_INFO to…
|
CWE-79
Cross-site Scripting
|
CVE-2013-5695
|
2013-11-7 10:02 |
2013-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259474
|
- |
|
attachmate
|
verastream_host_integrator
|
Directory traversal vulnerability in the Session Server in Attachmate Verastream Host Integrator (VHI) 6.0 through 7.5 SP 1 HF 1 allows remote attackers to upload and execute arbitrary files via a cr…
|
CWE-22
Path Traversal
|
CVE-2013-3626
|
2013-11-7 10:00 |
2013-11-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259475
|
- |
|
tiki
|
tikiwiki_cms\/groupware
|
Cross-site scripting (XSS) vulnerability in Tiki Wiki CMS Groupware 6 LTS before 6.13LTS, 9 LTS before 9.7LTS, 10.x before 10.4, and 11.x before 11.1 allows remote attackers to inject arbitrary web s…
|
CWE-79
Cross-site Scripting
|
CVE-2013-4714
|
2013-11-7 09:51 |
2013-11-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259476
|
- |
|
tiki
|
tikiwiki_cms\/groupware
|
SQL injection vulnerability in Tiki Wiki CMS Groupware 6 LTS before 6.13LTS, 9 LTS before 9.7LTS, 10.x before 10.4, and 11.x before 11.1 allows remote attackers to execute arbitrary SQL commands via …
|
CWE-89
SQL Injection
|
CVE-2013-4715
|
2013-11-7 09:51 |
2013-11-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259477
|
- |
|
cisco
|
prime_central_for_hosted_collaboration_solution
|
The ITM web server in Cisco Prime Central for Hosted Collaboration Solution (HCS) allows remote attackers to cause a denial of service (temporary HTTP service outage) via a flood of TCP packets, aka …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-5562
|
2013-11-7 09:50 |
2013-11-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259478
|
- |
|
cisco
|
security_monitoring_analysis_and_response_system
|
Cross-site scripting (XSS) vulnerability in Query/NewQueryResult.jsp in Cisco Security Monitoring, Analysis and Response System (CS-MARS) allows remote attackers to inject arbitrary web script or HTM…
|
CWE-79
Cross-site Scripting
|
CVE-2013-5563
|
2013-11-7 09:47 |
2013-11-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259479
|
- |
|
ajaxplorer
|
ajaxplorer
|
Multiple directory traversal vulnerabilities in index.php in AjaXplorer 5.0.2 and earlier allow remote authenticated users to read arbitrary files via a ../%00 (dot dot backslash encoded null byte) i…
|
CWE-22
Path Traversal
|
CVE-2013-5688
|
2013-11-7 03:55 |
2013-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259480
|
- |
|
emc
|
documentum_eroom
|
Multiple cross-site scripting (XSS) vulnerabilities in EMC Documentum eRoom before 7.4.4 P11 allow remote attackers to inject arbitrary web script or HTML via a crafted URL.
|
CWE-79
Cross-site Scripting
|
CVE-2013-3286
|
2013-11-7 03:47 |
2013-11-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
