|
291621
|
- |
|
memcached
|
memcached
|
memcached before 1.4.17 allows remote attackers to bypass authentication by sending an invalid request with SASL credentials, then sending another request with incorrect SASL credentials.
|
CWE-287
Improper Authentication
|
CVE-2013-7239
|
2024-11-21 11:00 |
2014-01-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291622
|
- |
|
vasco
|
identikey_authentication_server
|
VASCO IDENTIKEY Authentication Server (IAS) 3.4.x allows remote authenticated users to bypass Active Directory (AD) authentication by entering only a DIGIPASS one-time password, instead of the intend…
|
CWE-287
Improper Authentication
|
CVE-2013-7292
|
2024-11-21 11:00 |
2014-01-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291623
|
- |
|
libpng
|
libpng
|
The png_do_expand_palette function in libpng before 1.6.8 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via (1) a PLTE chunk of zero bytes or (…
|
NVD-CWE-Other
|
CVE-2013-6954
|
2024-11-21 11:00 |
2014-01-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291624
|
- |
|
aphpkb
|
aphpkb
|
Multiple cross-site scripting (XSS) vulnerabilities in register.php in Andy's PHP Knowledgebase (Aphpkb) before 0.95.8 allow remote attackers to inject arbitrary web script or HTML via the (1) first_…
|
CWE-79
Cross-site Scripting
|
CVE-2013-7289
|
2024-11-21 11:00 |
2014-01-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291625
|
- |
|
mybb
|
mybb
|
Cross-site scripting (XSS) vulnerability in the mycode_parse_video function in inc/class_parser.php in MyBB (aka MyBulletinBoard) before 1.6.12 allows remote attackers to inject arbitrary web script …
|
CWE-79
Cross-site Scripting
|
CVE-2013-7288
|
2024-11-21 11:00 |
2014-01-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291626
|
- |
|
nisuta
|
ns-wir150ne_firmware
ns-wir150ne
ns-wir300n_firmware
ns-wir300n
|
The management web interface on the Nisuta NS-WIR150NE router with firmware 5.07.41 and Nisuta NS-WIR300N router with firmware 5.07.36_NIS01 allows remote attackers to bypass authentication via a "Co…
|
CWE-287
Improper Authentication
|
CVE-2013-7282
|
2024-11-21 11:00 |
2014-01-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291627
|
- |
|
cisco
|
secure_access_control_system
|
Cross-site scripting (XSS) vulnerability in the web interface in Cisco Secure Access Control System (ACS) allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter, …
|
CWE-79
Cross-site Scripting
|
CVE-2013-6974
|
2024-11-21 11:00 |
2014-01-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291628
|
- |
|
cynthia_fridsma
|
horizon_quick_content_management_system
|
SQL injection vulnerability in download.php in Horizon Quick Content Management System (QCMS) 4.0 and earlier allows remote to execute arbitrary SQL commands via the category parameter.
|
CWE-89
SQL Injection
|
CVE-2013-7139
|
2024-11-21 11:00 |
2014-01-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291629
|
- |
|
horizon_quick_content_management_system_project
|
horizon_quick_content_management_system
|
Directory traversal vulnerability in lib/functions/d-load.php in Horizon Quick Content Management System (QCMS) 4.0 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in t…
|
CWE-22
Path Traversal
|
CVE-2013-7138
|
2024-11-21 11:00 |
2014-01-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291630
|
- |
|
libreswan
|
libreswan
|
Race condition in the libreswan.spec files for Red Hat Enterprise Linux (RHEL) and Fedora packages in libreswan 3.6 has unspecified impact and attack vectors, involving the /var/tmp/libreswan-nss-pwd…
|
CWE-362
Race Condition
|
CVE-2013-7283
|
2024-11-21 11:00 |
2014-01-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
