259441
|
- |
|
cisco
|
unified_communications_manager
|
Directory traversal vulnerability in the license-upload interface in the Enterprise License Manager (ELM) component in Cisco Unified Communications Manager 9.1(1) and earlier allows remote authentica…
|
CWE-22
Path Traversal
|
CVE-2013-6688
|
2013-11-20 04:26 |
2013-11-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259442
|
- |
|
cisco
|
unified_communications_manager
|
Cisco Unified Communications Manager (Unified CM) 9.1(1) and earlier allows local users to bypass file permissions, and read, modify, or create arbitrary files, via an "overload" of the command-line …
|
CWE-20
Improper Input Validation
|
CVE-2013-6689
|
2013-11-20 04:13 |
2013-11-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259443
|
- |
|
percipientstudios
|
imagen
|
Cross-site scripting (XSS) vulnerability in imagegen.ashx in Percipient Studios ImageGen before 2.9.0 for Umbraco CMS allows remote attackers to inject arbitrary web script or HTML via the font param…
|
CWE-79
Cross-site Scripting
|
CVE-2013-0741
|
2013-11-20 04:06 |
2013-11-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259444
|
- |
|
cisco
|
server_provisioner
|
The web interface in Cisco Server Provisioner 6.4.0 Patch 5-1301292331 and earlier does not require authentication for unspecified pages, which allows remote attackers to obtain sensitive information…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-3407
|
2013-11-20 03:57 |
2013-11-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259445
|
- |
|
blackberry
|
blackberry_link
|
BlackBerry Link before 1.2.1.31 on Windows and before 1.1.1 build 39 on Mac OS X does not require authentication for remote file-access folders, which allows remote attackers to read or create arbitr…
|
CWE-352
Origin Validation Error
|
CVE-2013-3694
|
2013-11-20 03:50 |
2013-11-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259446
|
- |
|
vmware
|
workstation player
|
VMware Workstation 9.x before 9.0.3 and VMware Player 5.x before 5.0.3 on Linux do not properly handle shared libraries, which allows host OS users to gain host OS privileges via unspecified vectors.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-5972
|
2013-11-20 00:07 |
2013-11-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259447
|
- |
|
microsoft
|
word
|
Microsoft Word 2003 SP2 and SP3 on Windows XP SP3 allows remote attackers to cause a denial of service (CPU consumption) via a malformed .doc file containing an embedded image, as demonstrated by wor…
|
CWE-399
Resource Management Errors
|
CVE-2013-6801
|
2013-11-20 00:02 |
2013-11-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259448
|
- |
|
sap
|
basis_communication_services
|
SAP BASIS Communication Services 4.6B through 7.30 allows remote authenticated users to execute arbitrary commands via unspecified vectors.
|
NVD-CWE-noinfo
|
CVE-2013-3063
|
2013-11-19 13:48 |
2013-05-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259449
|
- |
|
phpmyadmin
|
phpmyadmin
|
phpMyAdmin 3.5.x before 3.5.8 and 4.x before 4.0.0-rc3 allows remote authenticated users to execute arbitrary code via a /e\x00 sequence, which is not properly handled before making a preg_replace fu…
|
NVD-CWE-noinfo
|
CVE-2013-3238
|
2013-11-19 13:48 |
2013-04-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259450
|
- |
|
phpmyadmin
|
phpmyadmin
|
phpMyAdmin 3.5.x before 3.5.8 and 4.x before 4.0.0-rc3, when a SaveDir directory is configured, allows remote authenticated users to execute arbitrary code by using a double extension in the filename…
|
CWE-94
Code Injection
|
CVE-2013-3239
|
2013-11-19 13:48 |
2013-04-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|