|
290711
|
- |
|
adcisolutions
|
node_view_permissions
|
The Node View Permissions module 7.x-1.x before 7.x-1.2 for Drupal does not properly implement the hook_query_alter function, which might allow remote attackers to obtain sensitive information by rea…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-5965
|
2024-11-21 10:58 |
2013-10-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290712
|
- |
|
joachim_noreiko
|
flag_module
|
Cross-site scripting (XSS) vulnerability in the administration page in the Flag module 7.x-3.x before 7.x-3.1 for Drupal allows remote authenticated users with the "Administer flags" permission to in…
|
CWE-79
Cross-site Scripting
|
CVE-2013-5964
|
2024-11-21 10:58 |
2013-10-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290713
|
- |
|
owasp
|
enterprise_security_api
|
The authenticated-encryption feature in the symmetric-encryption implementation in the OWASP Enterprise Security API (ESAPI) for Java 2.x before 2.1.0.1 does not properly resist tampering with serial…
|
CWE-310
Cryptographic Issues
|
CVE-2013-5960
|
2024-11-21 10:58 |
2013-10-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290714
|
- |
|
bluecoat
|
proxysgos
proxysg
|
Blue Coat ProxySG before 6.2.14.1, 6.3.x, 6.4.x, and 6.5 before 6.5.2 allows remote attackers to cause a denial of service (memory consumption and dropped connections) via a recursive href in an HTML…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-5959
|
2024-11-21 10:58 |
2013-09-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290715
|
- |
|
graphite_project
|
graphite
|
Multiple cross-site scripting (XSS) vulnerabilities in Graphite before 0.9.11 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2013-5943
|
2024-11-21 10:58 |
2013-09-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290716
|
- |
|
graphite_project
|
graphite
|
Graphite 0.9.5 through 0.9.10 uses the pickle Python module unsafely, which allows remote attackers to execute arbitrary code via a crafted serialized object, related to (1) remote_storage.py, (2) st…
|
CWE-94
Code Injection
|
CVE-2013-5942
|
2024-11-21 10:58 |
2013-09-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290717
|
- |
|
click2sell
|
click2sell_suite_module
|
Cross-site scripting (XSS) vulnerability in the Click2Sell Suite module 6.x-1.x for Drupal allows remote attackers to inject arbitrary web script or HTML via a confirmation form.
|
CWE-79
Cross-site Scripting
|
CVE-2013-5938
|
2024-11-21 10:58 |
2013-09-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290718
|
- |
|
click2sell
|
click2sell_suite_module
|
Cross-site request forgery (CSRF) vulnerability in the Click2Sell Suite module 6.x-1.x for Drupal allows remote attackers to hijack the authentication of administrators for requests that delete datab…
|
CWE-352
Origin Validation Error
|
CVE-2013-5937
|
2024-11-21 10:58 |
2013-09-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290719
|
- |
|
open-xchange
|
open-xchange_appsuite
|
The Hazelcast cluster API in Open-Xchange AppSuite 7.0.x before 7.0.2-rev15 and 7.2.x before 7.2.2-rev16 allows remote attackers to obtain sensitive information about (1) runtime activity, (2) networ…
|
CWE-200
Information Exposure
|
CVE-2013-5936
|
2024-11-21 10:58 |
2013-09-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290720
|
- |
|
open-xchange
|
open-xchange_appsuite
|
The Hazelcast cluster API in Open-Xchange AppSuite 7.0.x before 7.0.2-rev15 and 7.2.x before 7.2.2-rev16 does not properly restrict the set of network interfaces that can receive API calls, which mak…
|
CWE-200
Information Exposure
|
CVE-2013-5935
|
2024-11-21 10:58 |
2013-09-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
