259431
|
- |
|
fortinet
|
fortianalyzer_firmware fortianalyzer-1000d fortianalyzer-2000b fortianalyzer-200d fortianalyzer-3000d fortianalyzer-300d fortianalyzer-4000b
|
cgi-bin/module//sysmanager/admin/SYSAdminUserDialog in Fortinet FortiAnalyzer before 5.0.5 does not properly validate the csrf_token parameter, which allows remote attackers to perform cross-site req…
|
CWE-352
Origin Validation Error
|
CVE-2013-6826
|
2013-11-21 02:10 |
2013-11-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259432
|
- |
|
zkoss
|
zk_framework
|
Cross-site scripting (XSS) vulnerability in ZK Framework before 5.0.13 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2013-5966
|
2013-11-21 00:23 |
2013-11-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259433
|
- |
|
tryton
|
tryton
|
Directory traversal vulnerability in the client in Tryton 3.0.0, as distributed before 20131104 and earlier, allows remote servers to write arbitrary files via path separators in the extension of a r…
|
CWE-22
Path Traversal
|
CVE-2013-4510
|
2013-11-20 09:31 |
2013-11-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259434
|
- |
|
apple
|
iphone_os
|
The App Store component in Apple iOS before 7.0.4 does not properly enforce an intended transaction-time password requirement, which allows local users to complete a (1) App purchase or (2) In-App pu…
|
CWE-255
Credentials Management
|
CVE-2013-5193
|
2013-11-20 09:24 |
2013-11-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259435
|
- |
|
apple
|
mac_os_x
|
Apple Mac OS X 10.9 allows local users to cause a denial of service (memory corruption or panic) by creating a hard link to a directory. NOTE: this vulnerability exists because of an incomplete fix f…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-6799
|
2013-11-20 09:17 |
2013-11-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259436
|
- |
|
dlink
|
dsl-2740b_firmware dsl-2740b
|
The D-Link DSL-2740B Gateway with firmware EU_1.0, when an active administrator session exists, allows remote attackers to bypass authentication and gain administrator access via a request to login.c…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-2271
|
2013-11-20 08:18 |
2013-11-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259437
|
- |
|
dlink
|
dsl-2740b_firmware dsl-2740b
|
Advisory from D-Link says all versions of firmware for DSL-2740B are vulnerable per http://securityadvisories.dlink.com/security/publication.aspx?name=SAP10004
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-2271
|
2013-11-20 08:18 |
2013-11-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259438
|
- |
|
cisco
|
service_portal
|
The "Files Available for Download" implementation in the Cisco Intelligent Automation for Cloud component in Cisco Services Portal 9.4(1) allows remote authenticated users to read arbitrary files via…
|
CWE-20
Improper Input Validation
|
CVE-2013-3406
|
2013-11-20 08:10 |
2013-11-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259439
|
- |
|
cisco
|
ios
|
The SSL VPN implementation in Cisco IOS 15.3(1)T2 and earlier allows remote authenticated users to cause a denial of service (interface queue wedge) via crafted DTLS packets in an SSL session, aka Bu…
|
CWE-20
Improper Input Validation
|
CVE-2013-6686
|
2013-11-20 04:27 |
2013-11-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259440
|
- |
|
sunil_nanda
|
blue_wrench_video_widget
|
Cross-site request forgery (CSRF) vulnerability in bluewrench-video-widget.php in the Blue Wrench Video Widget plugin before 2.0.0 for WordPress allows remote attackers to hijack the authentication o…
|
CWE-352
Origin Validation Error
|
CVE-2013-6797
|
2013-11-20 04:27 |
2013-11-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|