|
260321
|
- |
|
photogallerycreator
|
flash-album-gallery
|
Cross-site scripting (XSS) vulnerability in wp-admin/admin.php in the GRAND FlAGallery plugin before 2.72 for WordPress allows remote attackers to inject arbitrary web script or HTML via the s parame…
|
CWE-79
Cross-site Scripting
|
CVE-2013-3261
|
2013-06-4 00:30 |
2013-06-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260322
|
- |
|
mutiny
|
mutiny
mutiny_virtual_appliance
mutiny_appliance
|
Multiple directory traversal vulnerabilities in the EditDocument servlet in the Frontend in Mutiny before 5.0-1.11 allow remote authenticated users to upload and execute arbitrary programs, read arbi…
|
CWE-22
Path Traversal
|
CVE-2013-0136
|
2013-06-3 13:00 |
2013-06-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260323
|
- |
|
cisco
|
telepresence_system_software
|
Cisco TelePresence System Software does not properly handle inactive t-shell sessions, which allows remote authenticated users to cause a denial of service (memory consumption and service outage) by …
|
CWE-399
Resource Management Errors
|
CVE-2013-1246
|
2013-06-3 13:00 |
2013-06-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260324
|
- |
|
cisco
|
prime_infrastructure
|
Cross-site scripting (XSS) vulnerability in the wireless configuration module in Cisco Prime Infrastructure allows remote attackers to inject arbitrary web script or HTML via an SSID that is not prop…
|
CWE-79
Cross-site Scripting
|
CVE-2013-1247
|
2013-06-3 13:00 |
2013-06-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260325
|
- |
|
tibco
|
silver_mobile
|
The server in TIBCO Silver Mobile 1.1.0 does not properly verify access to the administrator role before executing a command, which allows authenticated users to gain privileges via unspecified vecto…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-3315
|
2013-06-3 13:00 |
2013-06-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260326
|
- |
|
algisinfo
|
aicontactsafe
|
Cross-site scripting (XSS) vulnerability in the aiContactSafe component before 2.0.21 for Joomla! allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2013-3719
|
2013-06-3 13:00 |
2013-05-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260327
|
- |
|
microsys
|
promotic
|
Directory traversal vulnerability in the PmWebDir object in the web server in MICROSYS PROMOTIC before 8.1.5 allows remote attackers to read arbitrary files via unspecified vectors.
|
CWE-22
Path Traversal
|
CVE-2011-4518
|
2013-06-3 13:00 |
2013-05-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260328
|
- |
|
psychostats
|
psychostats
|
SQL injection vulnerability in awards.php in PsychoStats 3.2.2b allows remote attackers to execute arbitrary SQL commands via the d parameter.
|
CWE-89
SQL Injection
|
CVE-2013-3721
|
2013-05-31 21:20 |
2013-05-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260329
|
- |
|
google
lg
|
android
optimus_g_e973
|
The LG Hidden Menu component for Android on the LG Optimus G E973 allows physically proximate attackers to execute arbitrary commands by entering USB Debugging mode, using Android Debug Bridge (adb) …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-3666
|
2013-05-31 13:00 |
2013-05-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260330
|
- |
|
siemens
|
wincc_tia_portal
|
Siemens WinCC (TIA Portal) 11 uses a reversible algorithm for storing HMI web-application passwords in world-readable and world-writable files, which allows local users to obtain sensitive informatio…
|
CWE-255
Credentials Management
|
CVE-2011-4515
|
2013-05-31 13:00 |
2013-03-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
