|
260161
|
- |
|
choice-wireless
|
wixfmr-111
|
ajax.cgi in the web interface on the Choice Wireless Green Packet WIXFMR-111 4G WiMax modem allows remote attackers to execute arbitrary commands via shell metacharacters in the pip parameter in an A…
|
CWE-287
Improper Authentication
|
CVE-2013-4731
|
2013-07-17 13:00 |
2013-07-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260162
|
- |
|
drupal
|
drupal
|
The Image module in Drupal 7.x before 7.19, when a private file system is used, does not properly restrict access to derivative images, which allows remote attackers to read derivative images of othe…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-0246
|
2013-07-17 03:55 |
2013-07-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260163
|
- |
|
novell
|
groupwise
|
Cross-site scripting (XSS) vulnerability in the client in Novell GroupWise through 8.0.3 HP3, and 2012 through SP2, on Windows allows user-assisted remote attackers to inject arbitrary web script or …
|
CWE-79
Cross-site Scripting
|
CVE-2013-1087
|
2013-07-16 13:00 |
2013-07-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260164
|
- |
|
novell
|
groupwise
|
Per: http://www.novell.com/support/kb/doc.php?id=7012063
'Previous versions (GroupWise, 6.5, 7.x) of the GroupWise Client for Windows are likely also vulnerable but are no longer supported. Custom…
|
CWE-79
Cross-site Scripting
|
CVE-2013-1087
|
2013-07-16 13:00 |
2013-07-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260165
|
- |
|
cisco
|
secure_access_control_system
|
The web interface in Cisco Secure Access Control System (ACS) does not properly suppress error-condition details, which allows remote authenticated users to obtain sensitive information via an unspec…
|
CWE-200
Information Exposure
|
CVE-2013-3428
|
2013-07-16 13:00 |
2013-07-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260166
|
- |
|
wave
|
embassy_remote_administration_server
embassy_remote_administration_server_help_desk
|
SQL injection vulnerability in the Help Desk application in Wave EMBASSY Remote Administration Server (ERAS) allows remote attackers to execute arbitrary SQL commands via the ct100$4MainController$Te…
|
CWE-89
SQL Injection
|
CVE-2013-3577
|
2013-07-16 13:00 |
2013-07-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260167
|
- |
|
wave
|
embassy_remote_administration_server
embassy_remote_administration_server_help_desk
|
SQL injection vulnerability in the Help Desk application in Wave EMBASSY Remote Administration Server (ERAS) allows remote authenticated users to execute arbitrary SQL commands via the ct100$4MainCon…
|
CWE-78
CWE-89
OS Command
SQL Injection
|
CVE-2013-3578
|
2013-07-16 13:00 |
2013-07-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260168
|
- |
|
web2py
|
web2py
|
Cross-site scripting (XSS) vulnerability in static/js/share.js (aka the social bookmarking widget) in Web2py before 2.3.1 allows remote attackers to inject arbitrary web script or HTML via unspecifie…
|
CWE-79
Cross-site Scripting
|
CVE-2013-2311
|
2013-07-15 13:00 |
2013-05-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260169
|
- |
|
blackberry
|
qnx_momentics_tool_suite
qnx_software_development_platform
qnx_neutrino_rtos
|
Stack-based buffer overflow in the bpe_decompress function in (1) BlackBerry QNX Neutrino RTOS through 6.5.0 SP1 and (2) QNX Momentics Tool Suite through 6.5.0 SP1 in the QNX Software Development Pla…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-2687
|
2013-07-15 13:00 |
2013-07-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260170
|
- |
|
blackberry
|
qnx_software_development_platform
qnx_neutrino_rtos
|
Buffer overflow in phrelay in BlackBerry QNX Neutrino RTOS through 6.5.0 SP1 in the QNX Software Development Platform allows remote attackers to cause a denial of service (application crash) or possi…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-2688
|
2013-07-15 13:00 |
2013-07-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
