|
259701
|
- |
|
bas_van_beek
|
multishop
|
SQL injection vulnerability in the Multishop extension before 2.0.39 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
|
CWE-89
SQL Injection
|
CVE-2013-4682
|
2013-10-12 02:59 |
2013-06-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259702
|
- |
|
cisco
|
unified_communications_manager
|
Cross-site request forgery (CSRF) vulnerability in the Unified Serviceability component in Cisco Unified Communications Manager (CUCM) allows remote attackers to hijack the authentication of arbitrar…
|
CWE-352
Origin Validation Error
|
CVE-2013-3397
|
2013-10-12 02:09 |
2013-06-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259703
|
- |
|
kent-web
|
post-mail
|
Cross-site scripting (XSS) vulnerability in KENT-WEB POST-MAIL before 6.7, when Internet Explorer 7 or earlier is used, allows remote attackers to inject arbitrary web script or HTML via an unspecifi…
|
CWE-79
Cross-site Scripting
|
CVE-2013-3648
|
2013-10-12 02:06 |
2013-06-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259704
|
- |
|
lockon
|
ec-cube
|
LOCKON EC-CUBE 2.11.2 through 2.12.4 allows remote attackers to conduct unspecified PHP code-injection attacks via a crafted string, related to data/class/SC_CheckError.php and data/class/SC_FormPara…
|
CWE-94
Code Injection
|
CVE-2013-3651
|
2013-10-12 02:04 |
2013-07-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259705
|
- |
|
lockon
|
ec-cube
|
Directory traversal vulnerability in the lfCheckFileName function in data/class/pages/LC_Page_ResizeImage.php in LOCKON EC-CUBE before 2.12.5 allows remote attackers to read arbitrary image files via…
|
CWE-22
Path Traversal
|
CVE-2013-3650
|
2013-10-12 02:03 |
2013-07-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259706
|
- |
|
kent-web
|
clip-mail
|
Cross-site scripting (XSS) vulnerability in KENT-WEB CLIP-MAIL before 3.4, when Internet Explorer 7 or earlier is used, allows remote attackers to inject arbitrary web script or HTML via an unspecifi…
|
CWE-79
Cross-site Scripting
|
CVE-2013-3649
|
2013-10-12 02:01 |
2013-06-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259707
|
- |
|
choice_wireless
|
wixfmr-111
|
ajax.cgi in the web interface on the Choice Wireless Green Packet WIXFMR-111 4G WiMax modem allows remote attackers to obtain sensitive information via an Ajax (1) wmxState or (2) netState request.
|
CWE-287
Improper Authentication
|
CVE-2013-3581
|
2013-10-12 01:55 |
2013-07-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259708
|
- |
|
lockon
|
ec-cube
|
Cross-site scripting (XSS) vulnerability in data/class/pages/products/LC_Page_Products_List.php in LOCKON EC-CUBE 2.11.0 through 2.12.4 allows remote attackers to inject arbitrary web script or HTML …
|
CWE-79
Cross-site Scripting
|
CVE-2013-3652
|
2013-10-12 01:50 |
2013-07-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259709
|
- |
|
lockon
|
ec-cube
|
Directory traversal vulnerability in LOCKON EC-CUBE 2.12.0 through 2.12.4 allows remote attackers to read arbitrary image files via vectors related to data/class/SC_CheckError.php and data/class/SC_F…
|
CWE-22
Path Traversal
|
CVE-2013-3654
|
2013-10-12 01:50 |
2013-07-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259710
|
- |
|
lockon
|
ec-cube
|
Multiple cross-site scripting (XSS) vulnerabilities in the RecommendSearch feature in the management screen in LOCKON EC-CUBE before 2.12.5 allow remote attackers to inject arbitrary web script or HT…
|
CWE-79
Cross-site Scripting
|
CVE-2013-3653
|
2013-10-12 01:49 |
2013-07-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
