|
290461
|
- |
|
sophos
|
web_appliance_firmware
|
The get_referers function in /opt/ws/bin/sblistpack in Sophos Web Appliance before 3.7.9.1 and 3.8 before 3.8.1.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the…
|
CWE-78
OS Command
|
CVE-2013-4983
|
2024-11-21 10:56 |
2013-09-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290462
|
- |
|
cybozu
|
office
|
Cross-site scripting (XSS) vulnerability in the top-page customization feature in Cybozu Office before 9.3.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2013-4703
|
2024-11-21 10:56 |
2013-09-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290463
|
- |
|
twilightcms
|
twilight_cms
|
Directory traversal vulnerability in DeWeS web server 0.4.2 and possibly earlier, as used in Twilight CMS, allows remote attackers to read arbitrary files via a ..%5c (dot dot encoded backslash) in a…
|
CWE-22
Path Traversal
|
CVE-2013-4900
|
2024-11-21 10:56 |
2013-09-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290464
|
- |
|
twilightcms
|
twilight_cms
|
Cross-site scripting (XSS) vulnerability in Twilight CMS 5.17 and possibly earlier allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to the gallery/ page.
|
CWE-79
Cross-site Scripting
|
CVE-2013-4899
|
2024-11-21 10:56 |
2013-09-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290465
|
- |
|
htmlcleaner_project
open-xchange
|
htmlcleaner
open-xchange_appsuite
|
Multiple race conditions in HtmlCleaner before 2.6, as used in Open-Xchange AppSuite 7.2.2 before rev13 and other products, allow remote authenticated users to read the private e-mail of other person…
|
CWE-362
Race Condition
|
CVE-2013-5035
|
2024-11-21 10:56 |
2013-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290466
|
- |
|
open-xchange
|
open-xchange_appsuite
|
Open-Xchange AppSuite before 7.0.2 rev14, 7.2.0 before rev11, 7.2.1 before rev10, and 7.2.2 before rev9 relies on user-supplied data to predict the IMAP server hostname for an external domain name, w…
|
CWE-255
Credentials Management
|
CVE-2013-4790
|
2024-11-21 10:56 |
2013-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290467
|
- |
|
lockon
|
ec-cube
|
Multiple directory traversal vulnerabilities in the doApiAction function in data/class/api/SC_Api_Operation.php in LOCKON EC-CUBE 2.12.0 through 2.12.5 on Windows allow remote attackers to read arbit…
|
CWE-22
Path Traversal
|
CVE-2013-4702
|
2024-11-21 10:56 |
2013-08-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290468
|
- |
|
strongswan
opensuse
|
strongswan
opensuse
|
The is_asn1 function in strongSwan 4.1.11 through 5.0.4 does not properly validate the return value of the asn1_length function, which allows remote attackers to cause a denial of service (segmentati…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-5018
|
2024-11-21 10:56 |
2013-08-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290469
|
- |
|
realnetworks
|
realplayer
realplayer_sp
|
RealNetworks RealPlayer before 16.0.3.51, and RealPlayer SP 1.0 through 1.1.5, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a malformed RealM…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-4974
|
2024-11-21 10:56 |
2013-08-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290470
|
- |
|
realnetworks
|
realplayer
realplayer_sp
|
Stack-based buffer overflow in RealNetworks RealPlayer before 16.0.3.51, and RealPlayer SP 1.0 through 1.1.5, allows remote attackers to execute arbitrary code via a crafted .rmp file.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-4973
|
2024-11-21 10:56 |
2013-08-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
