|
260371
|
- |
|
henri_wahl
|
nagstamon
|
The automatic update request in Nagstamont before 0.9.10 uses a cleartext base64 format for transmission of a username and password, which allows remote attackers to obtain sensitive information by s…
|
CWE-255
Credentials Management
|
CVE-2013-4114
|
2013-08-22 03:37 |
2013-08-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260372
|
- |
|
alienvault
|
open_source_security_information_management
|
Multiple SQL injection vulnerabilities in AlienVault Open Source Security Information Management (OSSIM) 4.1 allow remote attackers to execute arbitrary SQL commands via the (1) sensor parameter in a…
|
CWE-89
SQL Injection
|
CVE-2013-5321
|
2013-08-21 23:08 |
2013-08-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260373
|
- |
|
atlassian
|
jira
|
Cross-site scripting (XSS) vulnerability in secure/admin/user/views/deleteuserconfirm.jsp in the Admin Panel in Atlassian JIRA before 6.0.5 allows remote attackers to inject arbitrary web script or H…
|
CWE-79
Cross-site Scripting
|
CVE-2013-5319
|
2013-08-21 23:05 |
2013-08-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260374
|
- |
|
joomlaworks
|
jw_allvideos
|
Directory traversal vulnerability in includes/download.php in the JoomlaWorks AllVideos (Jw_allVideos) plugin 3.0 through 3.2 for Joomla! allows remote attackers to read arbitrary files via a ./../..…
|
CWE-22
Path Traversal
|
CVE-2010-0696
|
2013-08-21 15:18 |
2010-02-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260375
|
- |
|
sgi
|
irix
|
System Manager sysmgr GUI in SGI IRIX 6.4 and 6.3 allows remote attackers to execute commands by providing a trojan horse (1) runtask or (2) runexec descriptor file, which is used to execute a System…
|
NVD-CWE-Other
|
CVE-1999-1183
|
2013-08-21 13:05 |
1998-04-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260376
|
- |
|
redhat
|
enterprise_virtualization
|
VDSM in Red Hat Enterprise Virtualization 3 and 3.2 allows privileged guest users to cause the host to become "unavailable to the managment server" via guestInfo dictionaries with "unexpected fields."
|
NVD-CWE-Other
|
CVE-2013-0167
|
2013-08-20 23:22 |
2013-08-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260377
|
- |
|
s9y
|
serendipity
|
Cross-site scripting (XSS) vulnerability in serendipity_admin_image_selector.php in Serendipity 1.6.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the serendipity[ht…
|
CWE-79
Cross-site Scripting
|
CVE-2013-5314
|
2013-08-20 22:46 |
2013-08-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260378
|
- |
|
bigtreecms
|
bigtree_cms
|
Cross-site request forgery (CSRF) vulnerability in core/admin/modules/users/update.php in BigTree CMS 4.0 RC2 and earlier allows remote attackers to hijack the authentication of administrators for re…
|
CWE-352
Origin Validation Error
|
CVE-2013-5313
|
2013-08-20 22:30 |
2013-08-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260379
|
- |
|
vastal
|
phpvid
|
Multiple cross-site scripting (XSS) vulnerabilities in Vastal I-Tech phpVID 1.2.3 allow remote attackers to inject arbitrary web script or HTML via the (1) n parameter to browse_videos.php or the (2)…
|
CWE-79
Cross-site Scripting
|
CVE-2013-5312
|
2013-08-20 22:17 |
2013-08-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260380
|
- |
|
vastal
|
phpvid
|
Multiple SQL injection vulnerabilities in Vastal I-Tech phpVID 1.2.3 allow remote attackers to execute arbitrary SQL commands via the "n" parameter to (1) browse_videos.php or (2) members.php. NOTE:…
|
CWE-89
SQL Injection
|
CVE-2013-5311
|
2013-08-20 22:15 |
2013-08-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
