|
257511
|
- |
|
projectforge
|
projectforge
|
Cross-site scripting (XSS) vulnerability in ProjectForge before 3.5.3 allows remote authenticated users to inject arbitrary web script or HTML via a validation message.
|
CWE-79
Cross-site Scripting
|
CVE-2011-5269
|
2014-01-3 03:21 |
2014-01-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257512
|
- |
|
op5
|
monitor
|
op5 Monitor and op5 Appliance before 5.5.0 do not properly manage session cookies, which allows remote attackers to have an unspecified impact via unspecified vectors.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-0264
|
2014-01-3 01:39 |
2014-01-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257513
|
- |
|
op5
|
monitor
|
monitor/index.php in op5 Monitor and op5 Appliance before 5.5.1 allows remote authenticated users to obtain sensitive information such as database and user credentials via error messages that are tri…
|
CWE-200
Information Exposure
|
CVE-2012-0263
|
2014-01-3 01:35 |
2014-01-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257514
|
- |
|
op5
|
monitor
system-op5config
|
op5config/welcome in system-op5config before 2.0.3 in op5 Monitor and op5 Appliance before 5.5.3 allows remote attackers to execute arbitrary commands via shell metacharacters in the password paramet…
|
CWE-94
Code Injection
|
CVE-2012-0262
|
2014-01-3 01:32 |
2014-01-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257515
|
- |
|
op5
|
monitor
system-portal
|
license.php in system-portal before 1.6.2 in op5 Monitor and op5 Appliance before 5.5.3 allows remote attackers to execute arbitrary commands via shell metacharacters in the timestamp parameter for a…
|
CWE-94
Code Injection
|
CVE-2012-0261
|
2014-01-3 01:24 |
2014-01-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257516
|
- |
|
cybozu
|
garoon
|
Cross-site scripting (XSS) vulnerability in a mail component in Cybozu Garoon 2.x and 3.x before 3.7.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2013-6907
|
2014-01-1 02:09 |
2013-12-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257517
|
- |
|
cybozu
|
garoon
|
Cross-site scripting (XSS) vulnerability in a mail component in Cybozu Garoon 3.x before 3.7.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2013-6908
|
2014-01-1 02:08 |
2013-12-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257518
|
- |
|
cybozu
|
garoon
|
Cross-site scripting (XSS) vulnerability in a report component in Cybozu Garoon before 3.7.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2013-6909
|
2014-01-1 02:04 |
2013-12-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257519
|
- |
|
cybozu
|
garoon
|
Cross-site scripting (XSS) vulnerability in Ajax components in Cybozu Garoon before 3.7.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2013-6910
|
2014-01-1 02:03 |
2013-12-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257520
|
- |
|
cybozu
|
garoon
|
Cross-site scripting (XSS) vulnerability in a calendar component in Cybozu Garoon before 3.7.2 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2013-6914
|
2014-01-1 02:02 |
2013-12-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
