|
259791
|
- |
|
slickremix
|
design_approval_system_plugin
|
Cross-site scripting (XSS) vulnerability in admin/walkthrough/walkthrough.php in the Design Approval System plugin before 3.7 for WordPress allows remote attackers to inject arbitrary web script or H…
|
CWE-79
Cross-site Scripting
|
CVE-2013-5711
|
2013-09-26 03:08 |
2013-09-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259792
|
- |
|
dahuasecurity
|
dvr0404hd-a
dvr0404hd-l
dvr0404hd-s
dvr0404hd-u
dvr0404hf-a-e
dvr0404hf-al-e
dvr0404hf-s-e
dvr0404hf-u-e
dvr0804
dvr0804hd-l
dvr0804hd-s
dvr0804hf-a-e
dvr0804hf-al…
|
Dahua DVR appliances have a small value for the maximum password length, which makes it easier for remote attackers to obtain access via a brute-force attack.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-3614
|
2013-09-26 03:07 |
2013-09-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259793
|
- |
|
dahuasecurity
|
dvr0404hd-a
dvr0404hd-l
dvr0404hd-s
dvr0404hd-u
dvr0404hf-a-e
dvr0404hf-al-e
dvr0404hf-s-e
dvr0404hf-u-e
dvr0804
dvr0804hd-l
dvr0804hd-s
dvr0804hf-a-e
dvr0804hf-al…
|
The authorization implementation on Dahua DVR appliances accepts a hash string representing the current date for the role of a master password, which makes it easier for remote attackers to obtain ad…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-5754
|
2013-09-26 03:07 |
2013-09-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259794
|
- |
|
dell
|
idrac6_firmware
idrac6_monolithic
idrac7_firmware
idrac7
|
Cross-site scripting (XSS) vulnerability in the login page in the Administrative Web Interface on Dell iDRAC6 monolithic devices with firmware before 1.96 and iDRAC7 devices with firmware before 1.46…
|
CWE-79
Cross-site Scripting
|
CVE-2013-3589
|
2013-09-26 02:52 |
2013-09-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259795
|
- |
|
ni
|
diadem
labview
labwindows
measurementstudio
teststand
|
The ActiveX controls in the HelpAsst component in NI Help Links in National Instruments LabWindows/CVI 2012 SP1 and earlier, LabVIEW 2012 SP1 and earlier, and other products allow remote attackers to…
|
NVD-CWE-noinfo
|
CVE-2013-5023
|
2013-09-26 00:06 |
2013-08-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259796
|
- |
|
ni
|
measurementstudio
|
An ActiveX control in NationalInstruments.Help2.dll in National Instruments NI .NET Class Library Help, as used in Measurement Studio 2013 and earlier and other products, allows remote attackers to o…
|
NVD-CWE-noinfo
|
CVE-2013-5024
|
2013-09-26 00:05 |
2013-08-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259797
|
- |
|
jforum
|
jforum
|
Open redirect vulnerability in JForum 2.1.9 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the returnPath parameter in a validateLogin acti…
|
CWE-20
Improper Input Validation
|
CVE-2012-5338
|
2013-09-25 03:01 |
2013-09-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259798
|
- |
|
cgi
|
hotscan
|
Stack-based buffer overflow in Logica HotScan allows remote attackers to cause a denial of service (crash) via a crafted packet.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2012-2624
|
2013-09-24 22:56 |
2013-09-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259799
|
- |
|
debian
|
phpbb3
|
Phpbb3 before 3.0.11-4 for Debian GNU/Linux uses world-writable permissions for cache files, which allows local users to modify the file contents via standard filesystem write operations.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-5724
|
2013-09-24 08:21 |
2013-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259800
|
- |
|
cisco
|
prime_data_center_network_manager
|
DCNM-SAN Server in Cisco Prime Data Center Network Manager (DCNM) before 6.2(1) allows remote attackers to read arbitrary files via unspecified vectors, aka Bug ID CSCue77029.
|
CWE-200
Information Exposure
|
CVE-2013-5487
|
2013-09-24 08:15 |
2013-09-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
