|
256881
|
- |
|
plone
|
plone
|
z3c.form, as used in Plone before 4.2.3 and 4.3 before beta 1, allows remote attackers to obtain the default form field values by leveraging knowledge of the form location and the element id.
|
CWE-200
Information Exposure
|
CVE-2012-5491
|
2014-10-2 01:30 |
2014-09-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256882
|
- |
|
plone
|
plone
|
Cross-site scripting (XSS) vulnerability in kssdevel.py in Plone before 4.2.3 and 4.3 before beta 1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2012-5490
|
2014-10-1 23:59 |
2014-09-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256883
|
- |
|
plone
|
plone
|
The sandbox whitelisting function (allowmodule.py) in Plone before 4.2.3 and 4.3 before beta 1 allows remote authenticated users with certain privileges to bypass the Python sandbox restriction and e…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-5487
|
2014-10-1 23:28 |
2014-09-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256884
|
- |
|
juniper
|
junos_pulse_secure_access_service
|
The Juniper Junos Pulse Secure Access Service (SSL VPN) devices with IVE OS 8.0 before 8.0r1, 7.4 before 7.4r5, and 7.1 before 7.1r18 allows remote attackers to conduct clickjacking attacks via unspe…
|
CWE-20
Improper Input Validation
|
CVE-2014-3823
|
2014-10-1 12:30 |
2014-09-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256885
|
- |
|
cisco
|
linksys_wrt310n_router_firmware
linksys_wrt350n
|
Cross-site request forgery (CSRF) vulnerability in apply.cgi in Linksys WRT310Nv2 2.0.0.1 allows remote attackers to hijack the authentication of administrators for requests that change passwords and…
|
CWE-352
Origin Validation Error
|
CVE-2013-3068
|
2014-10-1 10:13 |
2014-09-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256886
|
- |
|
belkin
|
f5d8236-4_v2
|
Cross-site request forgery (CSRF) vulnerability in cgi-bin/system_setting.exe in Belkin F5D8236-4 v2 allows remote attackers to hijack the authentication of administrators for requests that open the …
|
CWE-352
Origin Validation Error
|
CVE-2013-3083
|
2014-10-1 10:04 |
2014-09-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256887
|
- |
|
belkin
|
n300_firmware
n300
|
The Belkin N300 (F7D7301v1) router allows remote attackers to bypass authentication and gain privileges via vectors related to incorrect validation of the HTTP Authorization header.
|
CWE-287
Improper Authentication
|
CVE-2013-3092
|
2014-10-1 10:01 |
2014-09-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256888
|
- |
|
belkin
|
n900_firmware
n900
|
Cross-site request forgery (CSRF) vulnerability in util_system.html in Belkin N900 router allows remote attackers to hijack the authentication of administrators for requests that change configuration…
|
CWE-352
Origin Validation Error
|
CVE-2013-3086
|
2014-10-1 10:00 |
2014-09-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256889
|
- |
|
belkin
|
n300_firmware
n300
|
Cross-site request forgery (CSRF) vulnerability in apply.cgi in Belkin N300 (F7D7301v1) router allows remote attackers to hijack the authentication of administrators for requests that modify configur…
|
CWE-352
Origin Validation Error
|
CVE-2013-3089
|
2014-10-1 09:59 |
2014-09-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256890
|
- |
|
juniper
|
juniper_installer_service_client
junos_pulse_client
|
Juniper Installer Service (JIS) Client 7.x before 7.4R6 for Windows and Junos Pulse Client before 4.0R6 allows local users to gain privileges via unspecified vectors.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-3811
|
2014-10-1 03:26 |
2014-09-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
