260121
|
- |
|
dahuasecurity
|
dvr0404hd-a dvr0404hd-l dvr0404hd-s dvr0404hd-u dvr0404hf-a-e dvr0404hf-al-e dvr0404hf-s-e dvr0404hf-u-e dvr0804 dvr0804hd-l dvr0804hd-s dvr0804hf-a-e dvr0804hf-al…
|
Dahua DVR appliances do not properly restrict UPnP requests, which makes it easier for remote attackers to obtain access via vectors involving a replay attack against the TELNET port.
|
CWE-287
Improper Authentication
|
CVE-2013-3613
|
2013-09-18 03:35 |
2013-09-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260122
|
- |
|
dahuasecurity
|
dvr0404hd-a dvr0404hd-l dvr0404hd-s dvr0404hd-u dvr0404hf-a-e dvr0404hf-al-e dvr0404hf-s-e dvr0404hf-u-e dvr0804 dvr0804hd-l dvr0804hd-s dvr0804hf-a-e dvr0804hf-al…
|
Dahua DVR appliances have a hardcoded password for (1) the root account and (2) an unspecified "backdoor" account, which makes it easier for remote attackers to obtain administrative access via autho…
|
CWE-255
Credentials Management
|
CVE-2013-3612
|
2013-09-18 01:15 |
2013-09-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260123
|
- |
|
twilightcms
|
twilight_cms
|
Directory traversal vulnerability in DeWeS web server 0.4.2 and possibly earlier, as used in Twilight CMS, allows remote attackers to read arbitrary files via a ..%5c (dot dot encoded backslash) in a…
|
CWE-22
Path Traversal
|
CVE-2013-4900
|
2013-09-14 03:56 |
2013-09-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260124
|
- |
|
cisco
|
digital_media_manager
|
Open redirect vulnerability in the login page in Cisco Digital Media Manager (DMM) allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vector…
|
CWE-20
Improper Input Validation
|
CVE-2013-3446
|
2013-09-14 03:35 |
2013-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260125
|
- |
|
opera
|
opera_browser
|
Cross-site scripting (XSS) vulnerability in Opera before 15.00 allows remote attackers to inject arbitrary web script or HTML by leveraging UTF-8 encoding.
|
CWE-79
Cross-site Scripting
|
CVE-2013-4705
|
2013-09-14 03:08 |
2013-09-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260126
|
- |
|
citrix
|
cloudportal_services_manager
|
Unspecified vulnerability in Citrix CloudPortal Services Manager (aka Cortex) 10.0 before Cumulative Update 3 has unknown impact and attack vectors, a different vulnerability than other CVEs listed i…
|
NVD-CWE-noinfo
|
CVE-2013-2933
|
2013-09-14 03:07 |
2013-09-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260127
|
- |
|
capasystems
|
performance_guard
|
Directory traversal vulnerability in logreader/uploadreader.jsp in CapaSystems Performance Guard before 6.2.102 allows remote attackers to read arbitrary files via unspecified vectors.
|
CWE-22
Path Traversal
|
CVE-2013-5216
|
2013-09-14 03:07 |
2013-09-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260128
|
- |
|
cisco
|
prime_lan_management_solution
|
Cisco Prime LAN Management Solution (LMS) does not properly restrict use of IFRAME elements, which makes it easier for remote attackers to conduct clickjacking attacks and unspecified other attacks v…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-5482
|
2013-09-14 03:06 |
2013-09-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260129
|
- |
|
citrix
|
cloudportal_services_manager
|
Unspecified vulnerability in Citrix CloudPortal Services Manager (aka Cortex) 10.0 before Cumulative Update 3 has unknown impact and attack vectors, a different vulnerability than other CVEs listed i…
|
NVD-CWE-noinfo
|
CVE-2013-2935
|
2013-09-14 03:04 |
2013-09-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260130
|
- |
|
citrix
|
cloudportal_services_manager
|
Unspecified vulnerability in Citrix CloudPortal Services Manager (aka Cortex) 10.0 before Cumulative Update 3 has unknown impact and attack vectors, related to debugging messages, a different vulnera…
|
NVD-CWE-noinfo
|
CVE-2013-2937
|
2013-09-14 03:02 |
2013-09-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|