260731
|
- |
|
wordpress
|
wordpress
|
Per: http://cwe.mitre.org/data/definitions/918.html
'CWE-918: Server-Side Request Forgery (SSRF)'
|
NVD-CWE-Other
|
CVE-2013-0235
|
2013-07-9 05:55 |
2013-07-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260732
|
- |
|
wordpress
|
wordpress
|
Multiple cross-site scripting (XSS) vulnerabilities in WordPress before 3.5.1 allow remote attackers to inject arbitrary web script or HTML via vectors involving (1) gallery shortcodes or (2) the con…
|
CWE-79
Cross-site Scripting
|
CVE-2013-0236
|
2013-07-9 05:55 |
2013-07-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260733
|
- |
|
moxiecode wordpress fedoraproject
|
plupload wordpress fedora
|
Cross-site scripting (XSS) vulnerability in Plupload.as in Moxiecode plupload before 1.5.5, as used in WordPress before 3.5.1 and other products, allows remote attackers to inject arbitrary web scrip…
|
CWE-79
Cross-site Scripting
|
CVE-2013-0237
|
2013-07-9 05:55 |
2013-07-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260734
|
- |
|
fortinet
|
fortios fortigate-1000c fortigate-100d fortigate-110c fortigate-1240b fortigate-200b fortigate-20c fortigate-300c fortigate-3040b fortigate-310b fortigate-311b fortig…
|
Multiple cross-site request forgery (CSRF) vulnerabilities in Fortinet FortiOS on FortiGate firewall devices before 4.3.13 and 5.x before 5.0.2 allow remote attackers to hijack the authentication of …
|
CWE-352
Origin Validation Error
|
CVE-2013-1414
|
2013-07-9 02:55 |
2013-07-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260735
|
- |
|
symantec
|
security_information_manager security_information_manager_appliance
|
SQL injection vulnerability in the management console (aka Java console) on the Symantec Security Information Manager (SSIM) appliance 4.7.x and 4.8.x before 4.8.1 allows remote authenticated users t…
|
CWE-89
SQL Injection
|
CVE-2013-1613
|
2013-07-9 02:55 |
2013-07-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260736
|
- |
|
symantec
|
security_information_manager security_information_manager_appliance
|
Multiple cross-site scripting (XSS) vulnerabilities in the management console (aka Java console) on the Symantec Security Information Manager (SSIM) appliance 4.7.x and 4.8.x before 4.8.1 allow remot…
|
CWE-79
Cross-site Scripting
|
CVE-2013-1614
|
2013-07-9 02:55 |
2013-07-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260737
|
- |
|
symantec
|
security_information_manager security_information_manager_appliance
|
The management console (aka Java console) on the Symantec Security Information Manager (SSIM) appliance 4.7.x and 4.8.x before 4.8.1 allows remote attackers to obtain sensitive information via unspec…
|
CWE-200
Information Exposure
|
CVE-2013-1615
|
2013-07-9 02:55 |
2013-07-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260738
|
- |
|
cisco
|
unified_customer_voice_portal
|
Directory traversal vulnerability in the Resource Manager in Cisco Unified Customer Voice Portal (CVP) Software before 9.0.1 ES 11 allows remote attackers to overwrite arbitrary files via a crafted (…
|
CWE-22
Path Traversal
|
CVE-2013-1224
|
2013-07-8 13:00 |
2013-05-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260739
|
- |
|
realnetworks
|
realplayer
|
RealNetworks RealPlayer 16.0.2.32 and earlier allows remote attackers to cause a denial of service (resource consumption or application crash) via an HTML document containing JavaScript code that con…
|
CWE-20
Improper Input Validation
|
CVE-2013-3299
|
2013-07-8 13:00 |
2013-07-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260740
|
- |
|
symantec
|
discovery on_command_discovery
|
The installation of ON Symantec Discovery 4.5.x and Symantec Discovery 6.0 creates the (1) DiscoveryWeb and (2) DiscoveryRO database accounts with null passwords, which could allow attackers to gain …
|
NVD-CWE-Other
|
CVE-2005-3316
|
2013-07-7 13:45 |
2005-10-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|