|
258771
|
- |
|
wordpress
|
wordpress
|
wp-includes/comment.php in WordPress before 3.0.2 does not properly whitelist trackbacks and pingbacks in the blogroll, which allows remote attackers to bypass intended spam restrictions via a crafte…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2010-5293
|
2014-01-22 02:16 |
2014-01-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258772
|
- |
|
sonatype
|
nexus
|
Sonatype Nexus 1.x and 2.x before 2.7.1 allows remote attackers to create arbitrary objects and execute arbitrary code via unspecified vectors related to unmarshalling of unintended Object types.
|
CWE-94
Code Injection
|
CVE-2014-0792
|
2014-01-21 23:14 |
2014-01-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258773
|
- |
|
rick_mead
|
media_library_categories
|
Multiple cross-site scripting (XSS) vulnerabilities in the Media Library Categories plugin 1.1.1 for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) bulk parameter…
|
CWE-79
Cross-site Scripting
|
CVE-2012-6630
|
2014-01-18 04:16 |
2014-01-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258774
|
- |
|
xyzscripts
|
newsletter_manager
|
Multiple cross-site request forgery (CSRF) vulnerabilities in the Newsletter Manager plugin 1.0.2 and earlier for WordPress allow remote attackers to hijack the authentication of administrators for r…
|
CWE-352
Origin Validation Error
|
CVE-2012-6629
|
2014-01-18 03:51 |
2014-01-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258775
|
- |
|
xyzscripts
|
newsletter_manager
|
Multiple cross-site scripting (XSS) vulnerabilities in the Newsletter Manager plugin before 1.0.2 for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) xyz_em_campNa…
|
CWE-79
Cross-site Scripting
|
CVE-2012-6628
|
2014-01-18 03:50 |
2014-01-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258776
|
- |
|
xyzscripts
|
newsletter_manager
|
Cross-site scripting (XSS) vulnerability in admin/test_mail.php in the Newsletter Manager plugin 1.0.2 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the…
|
CWE-79
Cross-site Scripting
|
CVE-2012-6627
|
2014-01-18 03:35 |
2014-01-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258777
|
- |
|
cisco
|
webex_meetings_server
|
The web portal in the Enterprise License Manager component in Cisco WebEx Meetings Server allows remote authenticated users to discover the cleartext administrative password by reading HTML source co…
|
CWE-255
Credentials Management
|
CVE-2013-6687
|
2014-01-18 00:12 |
2014-01-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258778
|
- |
|
wireshark
|
wireshark
|
epan/dissectors/packet-bssgp.c in the BSSGP dissector in Wireshark 1.10.x before 1.10.4 incorrectly relies on a global variable, which allows remote attackers to cause a denial of service (applicatio…
|
CWE-20
Improper Input Validation
|
CVE-2013-7113
|
2014-01-17 14:20 |
2013-12-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258779
|
- |
|
symantec
|
web_gateway
web_gateway_appliance_8450
web_gateway_appliance_8490
|
Multiple cross-site scripting (XSS) vulnerabilities in the management console on the Symantec Web Gateway (SWG) appliance before 5.1.1 allow remote attackers to inject arbitrary web script or HTML vi…
|
CWE-79
Cross-site Scripting
|
CVE-2013-4670
|
2014-01-17 14:17 |
2013-08-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258780
|
- |
|
symantec
|
web_gateway
web_gateway_appliance_8450
web_gateway_appliance_8490
|
Cross-site request forgery (CSRF) vulnerability in the management console on the Symantec Web Gateway (SWG) appliance before 5.1.1 allows remote authenticated users to hijack the authentication of un…
|
CWE-352
Origin Validation Error
|
CVE-2013-4671
|
2014-01-17 14:17 |
2013-08-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
