|
259801
|
- |
|
cisco
|
prime_central_for_hosted_collaboration_solution_assurance
|
The web framework in Cisco Prime Central for Hosted Collaboration Solution (HCS) Assurance before 9.1.1 does not properly determine the existence of an authenticated session, which allows remote atta…
|
CWE-287
Improper Authentication
|
CVE-2013-3473
|
2013-09-24 07:34 |
2013-09-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259802
|
- |
|
glpi-project
|
glpi
|
inc/central.class.php in GLPI before 0.84.2 does not attempt to make install/install.php unavailable after an installation is completed, which allows remote attackers to conduct cross-site request fo…
|
CWE-352
Origin Validation Error
|
CVE-2013-5696
|
2013-09-24 07:33 |
2013-09-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259803
|
- |
|
platinum_seo_project
|
platinum_seo_plugin
|
Cross-site scripting (XSS) vulnerability in platinum_seo_pack.php in the Platinum SEO plugin before 1.3.8 for WordPress allows remote attackers to inject arbitrary web script or HTML via the s parame…
|
CWE-79
Cross-site Scripting
|
CVE-2013-5918
|
2013-09-24 07:29 |
2013-09-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259804
|
- |
|
dlink
|
dwl-2100ap
dwl-2100ap_firmware
|
The SSH implementation on the D-Link Japan DWL-2100AP with firmware before R252JP-RC572 allows remote authenticated users to cause a denial of service (reboot) by leveraging login access.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-4706
|
2013-09-24 07:27 |
2013-09-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259805
|
- |
|
dlink
|
des-3810_firmware
des-3810
|
The SSH implementation on D-Link Japan DES-3810 devices with firmware before R2.20.011 allows remote authenticated users to cause a denial of service (device hang) by leveraging login access.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-4707
|
2013-09-24 07:25 |
2013-09-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259806
|
- |
|
rodrigo_coimbra
|
nospam_pti
|
SQL injection vulnerability in wp-comments-post.php in the NOSpam PTI plugin 2.1 for WordPress allows remote attackers to execute arbitrary SQL commands via the comment_post_ID parameter.
|
CWE-89
SQL Injection
|
CVE-2013-5917
|
2013-09-24 04:23 |
2013-09-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259807
|
- |
|
cisco
|
anyconnect_secure_mobility_client
|
Cisco AnyConnect Secure Mobility Client on Mac OS X uses weak permissions for a library directory, which allows local users to gain privileges via a crafted library file, aka Bug ID CSCue33619.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-1130
|
2013-09-24 00:16 |
2013-09-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259808
|
- |
|
cisco
|
nx-os
|
The regex engine in the BGP implementation in Cisco NX-OS, when a complex regular expression is configured for inbound routes, allows remote attackers to cause a denial of service (device reload) via…
|
CWE-399
Resource Management Errors
|
CVE-2013-1121
|
2013-09-20 09:53 |
2013-09-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259809
|
- |
|
apple
|
mac_os_x
|
Power Management in Apple Mac OS X before 10.8.5 does not properly perform locking upon occurrences of a power assertion, which allows physically proximate attackers to bypass intended access restric…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-1031
|
2013-09-20 00:02 |
2013-09-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259810
|
- |
|
alienwp
|
hatch
|
Cross-site scripting (XSS) vulnerability in the Hatch theme 7.x-1.x before 7.x-1.4 for Drupal allows remote authenticated users with the "Administer content," "Create new article," or "Edit any artic…
|
CWE-79
Cross-site Scripting
|
CVE-2013-4138
|
2013-09-19 10:10 |
2013-08-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
