259231
|
- |
|
idleman
|
leed
|
Multiple cross-site request forgery (CSRF) vulnerabilities in action.php in Leed (Light Feed), possibly before 1.5 Stable, allow remote attackers to hijack the authentication of administrators for un…
|
CWE-352
Origin Validation Error
|
CVE-2013-2628
|
2013-12-24 00:28 |
2013-12-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259232
|
- |
|
idleman
|
leed
|
SQL injection vulnerability in action.php in Leed (Light Feed), possibly before 1.5 Stable, allows remote attackers to execute arbitrary SQL commands via the id parameter in a removeFolder action.
|
CWE-89
SQL Injection
|
CVE-2013-2627
|
2013-12-24 00:27 |
2013-12-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259233
|
- |
|
fujitsu
|
interstage_application_server interstage_studio
|
Buffer overflow in the Interstage HTTP Server log functionality, as used in Fujitsu Interstage Application Server 9.0.0, 9.1.0, 9.2.0, 9.3.1, and 10.0.0; and Interstage Studio 9.0.0, 9.1.0, 9.2.0, an…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-7105
|
2013-12-20 13:39 |
2013-12-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259234
|
- |
|
projectsprouts
|
sprout
|
The unpack_zip function in archive_unpacker.rb in the sprout gem 0.7.246 for Ruby allows context-dependent attackers to execute arbitrary commands via shell metacharacters in a (1) filename or (2) pa…
|
CWE-94
Code Injection
|
CVE-2013-6421
|
2013-12-20 13:38 |
2013-12-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259235
|
- |
|
zippyyum
|
subway_ordering_for_california
|
The ZippyYum Subway CA Kiosk app 3.4 for iOS uses cleartext storage in SQLite cache databases, which allows attackers to obtain sensitive information by reading data elements, as demonstrated by pass…
|
CWE-310
Cryptographic Issues
|
CVE-2013-6986
|
2013-12-20 13:38 |
2013-12-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259236
|
- |
|
apache
|
mod_dontdothat subversion
|
The is_this_legal function in mod_dontdothat for Apache Subversion 1.4.0 through 1.7.13 and 1.8.0 through 1.8.4 allows remote attackers to bypass intended access restrictions and possibly cause a den…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-4505
|
2013-12-20 13:36 |
2013-12-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259237
|
- |
|
emc
|
documentum_taskspace documentum_capital_projects documentum_wdk documentum_digital_asset_manager documentum_administrator documentum_webtop documentum_web_publisher
|
Cross-site scripting (XSS) vulnerability in EMC Documentum Webtop before 6.7 SP2 P07, Documentum WDK before 6.7 SP2 P07, Documentum Taskspace before 6.7 SP2 P07, Documentum Records Manager before 6.7…
|
CWE-79
Cross-site Scripting
|
CVE-2013-3281
|
2013-12-20 13:35 |
2013-11-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259238
|
- |
|
netgear
|
prosafe_firmware prosafe_gs725ts prosafe_gs728tps prosafe_gs728ts prosafe_gs752tps prosafe_gs724t prosafe_s716t prosafe_gs728txs prosafe_gs752txs prosafe_gs748t prosafe_…
|
NETGEAR ProSafe GS724Tv3 and GS716Tv2 with firmware 5.4.1.13 and earlier; GS748Tv4 with firmware 5.4.1.14; GS510TP with firmware 5.4.0.6; GS752TPS, GS728TPS, GS728TS, and GS725TS with firmware 5.3.0.…
|
CWE-200
Information Exposure
|
CVE-2013-4775
|
2013-12-20 04:19 |
2013-12-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259239
|
- |
|
netgear
|
prosafe_firmware prosafe_gs748t prosafe_gs510tp prosafe_gs724t prosafe_s716t
|
NETGEAR ProSafe GS724Tv3 and GS716Tv2 with firmware 5.4.1.13 and earlier, GS748Tv4 5.4.1.14, and GS510TP 5.0.4.4 allows remote attackers to cause a denial of service (reboot or crash) via a crafted H…
|
NVD-CWE-noinfo
|
CVE-2013-4776
|
2013-12-20 03:07 |
2013-12-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259240
|
- |
|
valvesoftware
|
steamos
|
Valve Bug Reporter in the valve-bugreporter package 2.10+bsos1 in Valve SteamOS Beta stores cleartext credentials in a .valve-bugreporter.cfg file upon a Remember Credentials action, which allows loc…
|
CWE-310
Cryptographic Issues
|
CVE-2013-7128
|
2013-12-19 00:35 |
2013-12-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|