|
259851
|
- |
|
kent-web
|
clip-mail
|
Cross-site scripting (XSS) vulnerability in KENT-WEB CLIP-MAIL before 3.4, when Internet Explorer 7 or earlier is used, allows remote attackers to inject arbitrary web script or HTML via an unspecifi…
|
CWE-79
Cross-site Scripting
|
CVE-2013-3649
|
2013-10-12 02:01 |
2013-06-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259852
|
- |
|
choice_wireless
|
wixfmr-111
|
ajax.cgi in the web interface on the Choice Wireless Green Packet WIXFMR-111 4G WiMax modem allows remote attackers to obtain sensitive information via an Ajax (1) wmxState or (2) netState request.
|
CWE-287
Improper Authentication
|
CVE-2013-3581
|
2013-10-12 01:55 |
2013-07-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259853
|
- |
|
lockon
|
ec-cube
|
Cross-site scripting (XSS) vulnerability in data/class/pages/products/LC_Page_Products_List.php in LOCKON EC-CUBE 2.11.0 through 2.12.4 allows remote attackers to inject arbitrary web script or HTML …
|
CWE-79
Cross-site Scripting
|
CVE-2013-3652
|
2013-10-12 01:50 |
2013-07-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259854
|
- |
|
lockon
|
ec-cube
|
Directory traversal vulnerability in LOCKON EC-CUBE 2.12.0 through 2.12.4 allows remote attackers to read arbitrary image files via vectors related to data/class/SC_CheckError.php and data/class/SC_F…
|
CWE-22
Path Traversal
|
CVE-2013-3654
|
2013-10-12 01:50 |
2013-07-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259855
|
- |
|
lockon
|
ec-cube
|
Multiple cross-site scripting (XSS) vulnerabilities in the RecommendSearch feature in the management screen in LOCKON EC-CUBE before 2.12.5 allow remote attackers to inject arbitrary web script or HT…
|
CWE-79
Cross-site Scripting
|
CVE-2013-3653
|
2013-10-12 01:49 |
2013-07-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259856
|
- |
|
emc
|
replication_manager
|
EMC Replication Manager (RM) before 5.4.4 places encoded passwords in application log files, which makes it easier for local users to obtain sensitive information by reading a file and conducting an …
|
CWE-255
Credentials Management
|
CVE-2013-3272
|
2013-10-12 00:51 |
2013-07-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259857
|
- |
|
simone_tellini
|
mod_accounting
|
SQL injection vulnerability in mod_accounting.c in the mod_accounting module 0.5 and earlier for Apache allows remote attackers to execute arbitrary SQL commands via a Host header.
|
CWE-89
SQL Injection
|
CVE-2013-5697
|
2013-10-12 00:17 |
2013-10-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259858
|
- |
|
libreswan
|
libreswan
|
Buffer overflow in the atodn function in libreswan 3.0 and 3.1, when Opportunistic Encryption is enabled and an RSA key is being used, allows remote attackers to cause a denial of service (pluto IKE …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-2052
|
2013-10-12 00:11 |
2013-07-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259859
|
- |
|
freeswitch
|
freeswitch
|
Multiple buffer overflows in the switch_perform_substitution function in switch_regex.c in FreeSWITCH 1.2 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary co…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-2238
|
2013-10-11 23:52 |
2013-10-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259860
|
- |
|
spip
|
spip
|
SPIP 3.0.x before 3.0.9, 2.1.x before 2.1.22, and 2.0.x before 2.0.23 allows remote attackers to gain privileges and "take editorial control" via vectors related to ecrire/inc/filtres.php.
|
NVD-CWE-noinfo
|
CVE-2013-2118
|
2013-10-11 23:51 |
2013-07-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
