260231
|
- |
|
trivantis
|
coursemill_learning_management_system
|
Coursemill Learning Management System (LMS) 6.8 constructs secret tokens based on time values, which makes it easier for remote attackers to conduct cross-site request forgery (CSRF) attacks via vect…
|
CWE-352
Origin Validation Error
|
CVE-2013-5708
|
2013-09-7 02:53 |
2013-09-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260232
|
- |
|
trivantis
|
coursemill_learning_management_system
|
Coursemill Learning Management System (LMS) 6.6 allows remote authenticated users to gain privileges via a modified userid value to unspecified functions.
|
CWE-20
Improper Input Validation
|
CVE-2013-3600
|
2013-09-7 02:51 |
2013-09-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260233
|
- |
|
softwaretoolbox
|
top_server
|
The DNP Master Driver in Software Toolbox TOP Server before 5.12.140.0 allows remote attackers to cause a denial of service (master-station infinite loop) via crafted DNP3 packets to TCP port 20000 a…
|
CWE-20
Improper Input Validation
|
CVE-2013-2804
|
2013-09-7 02:49 |
2013-08-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260234
|
- |
|
open-xchange
|
open-xchange_appsuite open-xchange_server
|
Cross-site scripting (XSS) vulnerability in Open-Xchange AppSuite and Server before 6.22.0 rev16, 6.22.1 before rev19, 7.0.1 before rev7, 7.0.2 before rev11, and 7.2.0 before rev8 allows remote authe…
|
CWE-79
Cross-site Scripting
|
CVE-2013-5698
|
2013-09-7 02:44 |
2013-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260235
|
- |
|
open-xchange
|
open-xchange_server
|
The Subscriptions feature in Open-Xchange Server before 6.20.7 rev14, 6.22.0 before rev13, and 6.22.1 before rev14 does not properly validate the publication-source URL, which allows remote authentic…
|
CWE-20
Improper Input Validation
|
CVE-2013-1648
|
2013-09-7 02:43 |
2013-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260236
|
- |
|
trivantis
|
coursemill_learning_management_system
|
Multiple cross-site scripting (XSS) vulnerabilities in Coursemill Learning Management System (LMS) 6.8 allow remote attackers to inject arbitrary web script or HTML via crafted input containing a %22…
|
CWE-79
Cross-site Scripting
|
CVE-2013-5707
|
2013-09-7 02:09 |
2013-09-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260237
|
- |
|
trivantis
|
coursemill_learning_management_system
|
SQL injection vulnerability in admindocumentworker.jsp in Coursemill Learning Management System (LMS) 6.6 allows remote authenticated users to execute arbitrary SQL commands via the docID parameter.
|
CWE-89
SQL Injection
|
CVE-2013-3602
|
2013-09-6 23:38 |
2013-09-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260238
|
- |
|
trivantis
|
coursemill_learning_management_system
|
userlogin.jsp in Coursemill Learning Management System (LMS) 6.6 and 6.8 allows remote attackers to gain privileges via a modified user-role value to home.html.
|
CWE-20
Improper Input Validation
|
CVE-2013-3599
|
2013-09-6 23:04 |
2013-09-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260239
|
- |
|
cisco
|
webex_recording_format_player
|
Buffer overflow in Cisco WebEx Recording Format (WRF) player T27 LD before SP32 EP16, T27 L10N before SP32_ORION111, and T28 before T28.8 allows remote attackers to execute arbitrary code or cause a …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-1119
|
2013-09-6 22:39 |
2013-09-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260240
|
- |
|
cisco
|
webex_recording_format_player
|
Stack-based buffer overflow in Cisco WebEx Recording Format (WRF) player T27 LD before SP32 EP16, T27 L10N before SP32_ORION111, and T28 before T28.8 allows remote attackers to execute arbitrary code…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-1118
|
2013-09-6 22:38 |
2013-09-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|