|
291171
|
- |
|
i18n_project
|
i18n
|
Cross-site scripting (XSS) vulnerability in exceptions.rb in the i18n gem before 0.6.6 for Ruby allows remote attackers to inject arbitrary web script or HTML via a crafted I18n::MissingTranslationDa…
|
CWE-79
Cross-site Scripting
|
CVE-2013-4492
|
2024-11-21 10:55 |
2013-12-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291172
|
- |
|
rubyonrails
|
rails
ruby_on_rails
|
Cross-site scripting (XSS) vulnerability in actionpack/lib/action_view/helpers/translation_helper.rb in the internationalization component in Ruby on Rails 3.x before 3.2.16 and 4.x before 4.0.2 allo…
|
CWE-79
Cross-site Scripting
|
CVE-2013-4491
|
2024-11-21 10:55 |
2013-12-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291173
|
- |
|
jahia
|
jahia_xcm
|
Multiple cross-site scripting (XSS) vulnerabilities in Jahia xCM 6.6.1.0 before hotfix 7 allow remote attackers to inject arbitrary web script or HTML via (1) the site parameter to engines/manager.js…
|
CWE-79
Cross-site Scripting
|
CVE-2013-4624
|
2024-11-21 10:55 |
2013-11-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291174
|
- |
|
jahia
|
jahia_xcm
|
Jahia xCM before 6.6.2 does not include the HTTPOnly flag in a Set-Cookie header for the JSESSIONID cookie, which makes it easier for remote attackers to obtain potentially sensitive information via …
|
CWE-200
Information Exposure
|
CVE-2013-4617
|
2024-11-21 10:55 |
2013-11-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291175
|
- |
|
moodle
|
moodle
|
Cross-site scripting (XSS) vulnerability in mod/quiz/report/responses/responses_table.php in Moodle through 2.2.11, 2.3.x before 2.3.10, 2.4.x before 2.4.7, and 2.5.x before 2.5.3 allows remote authe…
|
CWE-79
Cross-site Scripting
|
CVE-2013-4525
|
2024-11-21 10:55 |
2013-11-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291176
|
- |
|
moodle
|
moodle
|
Directory traversal vulnerability in repository/filesystem/lib.php in Moodle through 2.2.11, 2.3.x before 2.3.10, 2.4.x before 2.4.7, and 2.5.x before 2.5.3 allows remote authenticated users to read …
|
CWE-22
Path Traversal
|
CVE-2013-4524
|
2024-11-21 10:55 |
2013-11-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291177
|
- |
|
moodle
|
moodle
|
Cross-site scripting (XSS) vulnerability in message/lib.php in Moodle through 2.2.11, 2.3.x before 2.3.10, 2.4.x before 2.4.7, and 2.5.x before 2.5.3 allows remote authenticated users to inject arbit…
|
CWE-79
Cross-site Scripting
|
CVE-2013-4523
|
2024-11-21 10:55 |
2013-11-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291178
|
- |
|
moodle
|
moodle
|
lib/filelib.php in Moodle through 2.2.11, 2.3.x before 2.3.10, 2.4.x before 2.4.7, and 2.5.x before 2.5.3 does not send "Cache-Control: private" HTTP headers, which allows remote attackers to obtain …
|
CWE-200
Information Exposure
|
CVE-2013-4522
|
2024-11-21 10:55 |
2013-11-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291179
|
- |
|
mediawiki
|
mediawiki
|
Cross-site scripting (XSS) vulnerability in the ZeroRatedMobileAccess extension for MediaWiki 1.19.x before 1.19.9, 1.20.x before 1.20.8, and 1.21.x before 1.21.3 allows remote attackers to inject ar…
|
CWE-79
Cross-site Scripting
|
CVE-2013-4573
|
2024-11-21 10:55 |
2013-11-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291180
|
- |
|
ibus_project
opensuse
|
ibus
opensuse
|
The default configuration of IBUS 1.5.4, and possibly 1.5.2 and earlier, when IBus.InputPurpose.PASSWORD is not set and used with GNOME 3, does not obscure the entered password characters, which allo…
|
CWE-255
Credentials Management
|
CVE-2013-4509
|
2024-11-21 10:55 |
2013-11-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
