|
260751
|
- |
|
guy_bedford
|
live_css
|
CWE-434: Unrestricted Upload of File with Dangerous Type
|
NVD-CWE-Other
|
CVE-2013-0206
|
2013-03-21 18:26 |
2013-03-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260752
|
- |
|
video_project
|
video
|
The Video module 7.x-2.x before 7.x-2.9 for Drupal, when using the FFmpeg transcoder, allows local users to execute arbitrary PHP code by modifying a temporary PHP file.
|
CWE-16
Configuration
|
CVE-2013-0224
|
2013-03-21 13:00 |
2013-03-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260753
|
- |
|
user_relationships_project
|
user_relationships
|
Cross-site scripting (XSS) vulnerability in the User Relationships module 6.x-1.x before 6.x-1.4 and 7.x-1.x before 7.x-1.0-alpha5 for Drupal allows remote authenticated users with the "administer us…
|
CWE-79
Cross-site Scripting
|
CVE-2013-0225
|
2013-03-21 13:00 |
2013-03-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260754
|
- |
|
mathijs_koenraadt
|
search_api_sorts
|
Cross-site scripting (XSS) vulnerability in the Search API Sorts module 7.x-1.x before 7.x-1.4 for Drupal allows remote authenticated users with certain roles to inject arbitrary web script or HTML v…
|
CWE-79
Cross-site Scripting
|
CVE-2013-0227
|
2013-03-21 13:00 |
2013-03-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260755
|
- |
|
windriver
|
vxworks
|
IPSSH (aka the SSH server) in Wind River VxWorks 6.5 through 6.9 allows remote authenticated users to cause a denial of service (daemon outage) via a crafted packet.
|
CWE-20
Improper Input Validation
|
CVE-2013-0712
|
2013-03-21 13:00 |
2013-03-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260756
|
- |
|
nec
|
atermwm3450rn
atermwm3600r
atermwr8160n
atermwr8370n
atermwr8600n
atermwr9500n
|
Multiple cross-site request forgery (CSRF) vulnerabilities in the web-based management utility on the NEC AtermWR9500N, AtermWR8600N, AtermWR8370N, AtermWR8160N, AtermWM3600R, and AtermWM3450RN route…
|
CWE-352
Origin Validation Error
|
CVE-2013-0717
|
2013-03-21 13:00 |
2013-03-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260757
|
- |
|
realnetworks
|
realplayer
realplayer_sp
|
Heap-based buffer overflow in RealNetworks RealPlayer before 16.0.1.18 and RealPlayer SP 1.0 through 1.1.5 allows remote attackers to execute arbitrary code via a malformed MP4 file.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-1750
|
2013-03-21 13:00 |
2013-03-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260758
|
- |
|
samba
|
samba
|
Samba 4.x before 4.0.4, when configured as an Active Directory domain controller, uses world-writable permissions on non-default CIFS shares, which allows remote authenticated users to read, modify, …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-1863
|
2013-03-21 13:00 |
2013-03-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260759
|
- |
|
rubygems
|
command_wrap
|
command_wrap.rb in the command_wrap Gem for Ruby allows remote attackers to execute arbitrary commands via shell metacharacters in a URL or filename.
|
CWE-94
Code Injection
|
CVE-2013-1875
|
2013-03-21 13:00 |
2013-03-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260760
|
- |
|
tibco
|
spotfire_web_player
|
Cross-site scripting (XSS) vulnerability in the Engine in TIBCO Spotfire Web Player 3.3.x before 3.3.3, 4.0.x before 4.0.3, 4.5.x before 4.5.1, and 5.0.x before 5.0.1 allows remote attackers to injec…
|
CWE-79
Cross-site Scripting
|
CVE-2013-2372
|
2013-03-21 13:00 |
2013-03-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
