|
257551
|
- |
|
cisco
|
nx-os
|
Directory traversal vulnerability in filesys in Cisco NX-OS 6.1(2) and earlier allows local users to access arbitrary files via crafted command-line arguments during a delete action, aka Bug IDs CSCt…
|
CWE-22
Path Traversal
|
CVE-2012-4135
|
2013-12-24 02:15 |
2013-12-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257552
|
- |
|
cisco
|
nx-os
|
Directory traversal vulnerability in tar in Cisco NX-OS allows local users to access arbitrary files via crafted command-line arguments, aka Bug IDs CSCty07157, CSCty07159, CSCty07162, and CSCty07164.
|
CWE-22
Path Traversal
|
CVE-2012-4131
|
2013-12-24 01:09 |
2013-12-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257553
|
- |
|
idleman
|
leed
|
Multiple cross-site request forgery (CSRF) vulnerabilities in action.php in Leed (Light Feed), possibly before 1.5 Stable, allow remote attackers to hijack the authentication of administrators for un…
|
CWE-352
Origin Validation Error
|
CVE-2013-2628
|
2013-12-24 00:28 |
2013-12-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257554
|
- |
|
idleman
|
leed
|
SQL injection vulnerability in action.php in Leed (Light Feed), possibly before 1.5 Stable, allows remote attackers to execute arbitrary SQL commands via the id parameter in a removeFolder action.
|
CWE-89
SQL Injection
|
CVE-2013-2627
|
2013-12-24 00:27 |
2013-12-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257555
|
- |
|
fujitsu
|
interstage_application_server
interstage_studio
|
Buffer overflow in the Interstage HTTP Server log functionality, as used in Fujitsu Interstage Application Server 9.0.0, 9.1.0, 9.2.0, 9.3.1, and 10.0.0; and Interstage Studio 9.0.0, 9.1.0, 9.2.0, an…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-7105
|
2013-12-20 13:39 |
2013-12-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257556
|
- |
|
projectsprouts
|
sprout
|
The unpack_zip function in archive_unpacker.rb in the sprout gem 0.7.246 for Ruby allows context-dependent attackers to execute arbitrary commands via shell metacharacters in a (1) filename or (2) pa…
|
CWE-94
Code Injection
|
CVE-2013-6421
|
2013-12-20 13:38 |
2013-12-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257557
|
- |
|
zippyyum
|
subway_ordering_for_california
|
The ZippyYum Subway CA Kiosk app 3.4 for iOS uses cleartext storage in SQLite cache databases, which allows attackers to obtain sensitive information by reading data elements, as demonstrated by pass…
|
CWE-310
Cryptographic Issues
|
CVE-2013-6986
|
2013-12-20 13:38 |
2013-12-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257558
|
- |
|
apache
|
mod_dontdothat
subversion
|
The is_this_legal function in mod_dontdothat for Apache Subversion 1.4.0 through 1.7.13 and 1.8.0 through 1.8.4 allows remote attackers to bypass intended access restrictions and possibly cause a den…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-4505
|
2013-12-20 13:36 |
2013-12-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257559
|
- |
|
emc
|
documentum_taskspace
documentum_capital_projects
documentum_wdk
documentum_digital_asset_manager
documentum_administrator
documentum_webtop
documentum_web_publisher
|
Cross-site scripting (XSS) vulnerability in EMC Documentum Webtop before 6.7 SP2 P07, Documentum WDK before 6.7 SP2 P07, Documentum Taskspace before 6.7 SP2 P07, Documentum Records Manager before 6.7…
|
CWE-79
Cross-site Scripting
|
CVE-2013-3281
|
2013-12-20 13:35 |
2013-11-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257560
|
- |
|
netgear
|
prosafe_firmware
prosafe_gs725ts
prosafe_gs728tps
prosafe_gs728ts
prosafe_gs752tps
prosafe_gs724t
prosafe_s716t
prosafe_gs728txs
prosafe_gs752txs
prosafe_gs748t
prosafe_…
|
NETGEAR ProSafe GS724Tv3 and GS716Tv2 with firmware 5.4.1.13 and earlier; GS748Tv4 with firmware 5.4.1.14; GS510TP with firmware 5.4.0.6; GS752TPS, GS728TPS, GS728TS, and GS725TS with firmware 5.3.0.…
|
CWE-200
Information Exposure
|
CVE-2013-4775
|
2013-12-20 04:19 |
2013-12-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
