260031
|
- |
|
mongodb
|
mongodb
|
The find prototype in scripting/engine_v8.h in MongoDB 2.4.0 through 2.4.4 allows remote authenticated users to cause a denial of service (uninitialized pointer dereference and server crash) or possi…
|
CWE-399
Resource Management Errors
|
CVE-2013-3969
|
2013-10-3 05:38 |
2013-10-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260032
|
- |
|
cisco
|
mediasense
|
Cross-site scripting (XSS) vulnerability in the oraservice page in Cisco MediaSense allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter, aka Bug ID CSCuj23328.
|
CWE-79
Cross-site Scripting
|
CVE-2013-5501
|
2013-10-3 04:44 |
2013-09-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260033
|
- |
|
cisco
|
mediasense
|
Multiple cross-site scripting (XSS) vulnerabilities in the oraadmin service page in Cisco MediaSense allow remote attackers to inject arbitrary web script or HTML via an unspecified parameter, aka Bu…
|
CWE-79
Cross-site Scripting
|
CVE-2013-5500
|
2013-10-3 04:43 |
2013-09-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260034
|
- |
|
ovislink sony
|
airlive_wl2600cam snc_ch140 snc_ch180 snc_ch240 snc_ch280 snc_dh140 snc_dh140t snc_dh180 snc_dh240 snc_dh240t snc_dh280
|
Cross-site request forgery (CSRF) vulnerability in the command/user.cgi in Sony SNC CH140, SNC CH180, SNC CH240, SNC CH280, SNC DH140, SNC DH140T, SNC DH180, SNC DH240, SNC DH240T, SNC DH280, and pos…
|
CWE-352
Origin Validation Error
|
CVE-2013-3539
|
2013-10-3 04:26 |
2013-10-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260035
|
- |
|
grandstream
|
gxv_device_firmware gxv3500 gxv3501 gxv3504 gxv3601 gxv3601hd\/ll gxv3611hd\/ll gxv3615w\/p gxv3615wp_hd gxv3651fhd gxv3662hd
|
Cross-site scripting (XSS) vulnerability in Grandstream GXV3501, GXV3504, GXV3601, GXV3601HD/LL, GXV3611HD/LL, GXV3615W/P, GXV3651FHD, GXV3662HD, GXV3615WP_HD, GXV3500, and possibly other camera mode…
|
CWE-79
Cross-site Scripting
|
CVE-2013-3962
|
2013-10-3 02:28 |
2013-10-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260036
|
- |
|
brickom
|
100ap_device_firmware fb-100ap md-100ap ob-100ae osd-040e wcb-100ap wfb-100ap
|
Cross-site request forgery (CSRF) vulnerability in cgi-bin/users.cgi in Brickcom FB-100Ap, WCB-100Ap, MD-100Ap, WFB-100Ap, OB-100Ae, OSD-040E, and possibly other camera models with firmware 3.1.0.8 a…
|
CWE-352
Origin Validation Error
|
CVE-2013-3690
|
2013-10-3 02:21 |
2013-10-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260037
|
- |
|
grandstream
|
gxv_device_firmware gxv3500 gxv3501 gxv3504 gxv3601 gxv3601hd\/ll gxv3611hd\/ll gxv3615w\/p gxv3615wp_hd gxv3651fhd gxv3662hd
|
Cross-site request forgery (CSRF) vulnerability in goform/usermanage in Grandstream GXV3501, GXV3504, GXV3601, GXV3601HD/LL, GXV3611HD/LL, GXV3615W/P, GXV3651FHD, GXV3662HD, GXV3615WP_HD, GXV3500, an…
|
CWE-352
Origin Validation Error
|
CVE-2013-3963
|
2013-10-3 02:14 |
2013-10-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260038
|
- |
|
samsung
|
shr-5082 shr-5162
|
Cross-site scripting (XSS) vulnerability in Samsung SHR-5162, SHR-5082, and possibly other models, allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO.
|
CWE-79
Cross-site Scripting
|
CVE-2013-3964
|
2013-10-3 02:10 |
2013-10-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260039
|
- |
|
emc
|
geosynchrony vplex_geo vplex_local vplex_metro
|
EMC VPLEX before VPLEX GeoSynchrony 5.2 SP1 uses cleartext for storage of the LDAP/AD bind password, which allows local users to obtain sensitive information by reading the management-server configur…
|
CWE-255
Credentials Management
|
CVE-2013-3278
|
2013-10-3 00:16 |
2013-10-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260040
|
- |
|
wordpress
|
wordpress
|
wp-includes/functions.php in WordPress before 3.6.1 does not properly determine whether data has been serialized, which allows remote attackers to execute arbitrary code by triggering erroneous PHP u…
|
CWE-94
Code Injection
|
CVE-2013-4338
|
2013-10-2 13:29 |
2013-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|