|
258871
|
- |
|
op5
|
monitor
system-portal
|
license.php in system-portal before 1.6.2 in op5 Monitor and op5 Appliance before 5.5.3 allows remote attackers to execute arbitrary commands via shell metacharacters in the timestamp parameter for a…
|
CWE-94
Code Injection
|
CVE-2012-0261
|
2014-01-3 01:24 |
2014-01-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258872
|
- |
|
cybozu
|
garoon
|
Cross-site scripting (XSS) vulnerability in a mail component in Cybozu Garoon 2.x and 3.x before 3.7.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2013-6907
|
2014-01-1 02:09 |
2013-12-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258873
|
- |
|
cybozu
|
garoon
|
Cross-site scripting (XSS) vulnerability in a mail component in Cybozu Garoon 3.x before 3.7.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2013-6908
|
2014-01-1 02:08 |
2013-12-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258874
|
- |
|
cybozu
|
garoon
|
Cross-site scripting (XSS) vulnerability in a report component in Cybozu Garoon before 3.7.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2013-6909
|
2014-01-1 02:04 |
2013-12-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258875
|
- |
|
cybozu
|
garoon
|
Cross-site scripting (XSS) vulnerability in Ajax components in Cybozu Garoon before 3.7.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2013-6910
|
2014-01-1 02:03 |
2013-12-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258876
|
- |
|
cybozu
|
garoon
|
Cross-site scripting (XSS) vulnerability in a calendar component in Cybozu Garoon before 3.7.2 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2013-6914
|
2014-01-1 02:02 |
2013-12-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258877
|
- |
|
cybozu
|
garoon
|
Cross-site scripting (XSS) vulnerability in the system-administration component in Cybozu Garoon before 3.7.2 allows remote authenticated users to inject arbitrary web script or HTML via unspecified …
|
CWE-79
Cross-site Scripting
|
CVE-2013-6915
|
2014-01-1 02:01 |
2013-12-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258878
|
- |
|
jforum
|
jforum
|
Cross-site request forgery (CSRF) vulnerability in admBase/login.page in the Admin module in JForum allows remote attackers to hijack the authentication of administrators for requests that change the…
|
CWE-352
Origin Validation Error
|
CVE-2013-7209
|
2014-01-1 00:19 |
2013-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258879
|
- |
|
wordpress
|
wordpress
|
WordPress before 3.6.1 does not properly validate URLs before use in an HTTP redirect, which allows remote attackers to bypass intended redirection restrictions via a crafted string.
|
CWE-20
Improper Input Validation
|
CVE-2013-4339
|
2013-12-31 13:25 |
2013-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258880
|
- |
|
hp
|
color_laserjet_3000
color_laserjet_3800
color_laserjet_4700
color_laserjet_4730_mfp
color_laserjet_5550
color_laserjet_9500_mfp
color_laserjet_cm6030_mfp
color_laserjet_cm6040_mf…
|
Directory traversal vulnerability in the PostScript Interpreter, as used on the HP LaserJet 4xxx, 5200, 90xx, M30xx, M4345, M50xx, M90xx, P3005, and P4xxx; LaserJet Enterprise P3015; Color LaserJet 3…
|
NVD-CWE-noinfo
|
CVE-2012-5221
|
2013-12-31 13:19 |
2013-04-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
