260461
|
- |
|
sawmill
|
sawmill
|
SawMill 5.0.21 CGI program allows remote attackers to read the first line of arbitrary files by listing the file in the rfcf parameter, whose contents SawMill attempts to parse as configuration comma…
|
CWE-200
Information Exposure
|
CVE-2000-0588
|
2013-07-30 13:00 |
2000-06-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260462
|
- |
|
sawmill
|
sawmill
|
SawMill 5.0.21 uses weak encryption to store passwords, which allows attackers to easily decrypt the password and modify the SawMill configuration.
|
CWE-310
Cryptographic Issues
|
CVE-2000-0589
|
2013-07-30 13:00 |
2000-06-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260463
|
- |
|
liftweb
|
lift
|
The JsonParser class in json/JsonParser.scala in Lift before 2.5 interprets a certain end-index value as a length value, which allows remote authenticated users to obtain sensitive information from o…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-3300
|
2013-07-29 22:59 |
2013-07-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260464
|
- |
|
trustgo
|
antivirus_\&_mobile_security
|
The TrustGo Antivirus & Mobile Security application before 1.3.6 for Android allows attackers to cause a denial of service (application crash) via a crafted application that sends an intent to com.tr…
|
CWE-20
Improper Input Validation
|
CVE-2013-3580
|
2013-07-29 22:59 |
2013-07-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260465
|
- |
|
nashtech
|
easy_php_calendar
|
Multiple cross-site scripting (XSS) vulnerabilities in (1) index.php and (2) datePicker.php in Easy PHP Calendar 6.x and 7.x before 7.0.13 allow remote attackers to inject arbitrary web script or HTM…
|
CWE-79
Cross-site Scripting
|
CVE-2013-1955
|
2013-07-29 13:00 |
2013-07-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260466
|
- |
|
emc
|
avamar_server avamar_server_virtual_edition
|
EMC Avamar Server and Avamar Virtual Edition before 7.0 on Data Store Gen3, Gen4, and Gen4s platforms do not properly determine authorization for calls to Java RMI methods, which allows remote authen…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-3274
|
2013-07-29 13:00 |
2013-07-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260467
|
- |
|
emc
|
avamar_server avamar_server_virtual_edition
|
EMC Avamar Server and Avamar Virtual Edition before 7.0 on Data Store Gen3, Gen4, and Gen4s platforms do not properly restrict use of FRAME elements, which makes it easier for remote attackers to obt…
|
CWE-20
Improper Input Validation
|
CVE-2013-3275
|
2013-07-29 13:00 |
2013-07-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260468
|
- |
|
autodesk
|
autocad autocad_architecture autocad_civil_3d autocad_ecscad autocad_electrical autocad_lt autocad_map_3d autocad_mechanical autocad_mep autocad_p\&id autocad_plant_…
|
Unspecified vulnerability in Autodesk AutoCAD through 2014, AutoCAD LT through 2014, and DWG TrueView through 2014 allows remote attackers to execute arbitrary code via a crafted DWG file.
|
NVD-CWE-noinfo
|
CVE-2013-3665
|
2013-07-29 13:00 |
2013-07-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260469
|
- |
|
parallels
|
parallels_plesk_panel parallels_small_business_panel
|
The default configuration of Parallels Plesk Panel 9.0.x and 9.2.x on UNIX, and Small Business Panel 10.x on UNIX, has an improper ScriptAlias directive for phppath, which makes it easier for remote …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-4878
|
2013-07-29 13:00 |
2013-07-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260470
|
- |
|
autonomy ibm
|
keyview_idol lotus_notes
|
Buffer overflow in the .mdb parser in Autonomy KeyView IDOL, as used in IBM Notes 8.5.x before 8.5.3 FP4, allows remote attackers to execute arbitrary code via a crafted file, aka SPR KLYH92XL3W.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2012-6349
|
2013-07-29 13:00 |
2013-07-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|