|
290151
|
- |
|
fortinet
|
fortianalyzer_firmware
fortianalyzer-1000d
fortianalyzer-2000b
fortianalyzer-200d
fortianalyzer-3000d
fortianalyzer-300d
fortianalyzer-4000b
|
cgi-bin/module//sysmanager/admin/SYSAdminUserDialog in Fortinet FortiAnalyzer before 5.0.5 does not properly validate the csrf_token parameter, which allows remote attackers to perform cross-site req…
|
CWE-352
Origin Validation Error
|
CVE-2013-6826
|
2024-11-21 10:59 |
2013-11-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290152
|
- |
|
sap
|
netweaver
|
GRMGApp in SAP NetWeaver allows remote attackers to bypass intended access restrictions via unspecified vectors.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-6823
|
2024-11-21 10:59 |
2013-11-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290153
|
- |
|
sap
|
netweaver
|
GRMGApp in SAP NetWeaver allows remote attackers to have unspecified impact and attack vectors, related to an XML External Entity (XXE) issue.
|
NVD-CWE-noinfo
|
CVE-2013-6822
|
2024-11-21 10:59 |
2013-11-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290154
|
- |
|
sap
|
netweaver
|
Directory traversal vulnerability in the Exportability Check Service in SAP NetWeaver allows remote attackers to read arbitrary files via unspecified vectors.
|
CWE-22
Path Traversal
|
CVE-2013-6821
|
2024-11-21 10:59 |
2013-11-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290155
|
- |
|
sap
|
netweaver
|
Cross-site scripting (XSS) vulnerability in Performance Provider in SAP NetWeaver allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2013-6819
|
2024-11-21 10:59 |
2013-11-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290156
|
- |
|
sap
|
netweaver_development_infrastructure
|
Unrestricted file upload vulnerability in the SAP NetWeaver Development Infrastructure (NWDI) allows remote attackers to execute arbitrary code by uploading a file with an executable extension via un…
|
NVD-CWE-Other
|
CVE-2013-6820
|
2024-11-21 10:59 |
2013-11-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290157
|
- |
|
sap
|
netweaver_logviewer
|
SAP NetWeaver Logviewer 6.30, when running on Windows, allows remote attackers to bypass intended access restrictions via unspecified vectors.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-6818
|
2024-11-21 10:59 |
2013-11-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290158
|
- |
|
sap
|
network_interface_router
|
Heap-based buffer overflow in SAP Network Interface Router (SAProuter) 7.30 allows remote attackers to cause a denial of service and execute arbitrary code via crafted NI Route messages.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-6817
|
2024-11-21 10:59 |
2013-11-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290159
|
- |
|
sap
|
netweaver
|
Multiple cross-site scripting (XSS) vulnerabilities in the (1) JavaDumpService and (2) DataCollector servlets in SAP NetWeaver allow remote attackers to inject arbitrary web script or HTML via unspec…
|
CWE-79
Cross-site Scripting
|
CVE-2013-6816
|
2024-11-21 10:59 |
2013-11-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290160
|
- |
|
sap
|
netweaver
|
The J2EE Engine in SAP NetWeaver 6.40, 7.02, and earlier allows remote attackers to redirect users to arbitrary web sites, conduct phishing attacks, and obtain sensitive information (cookies and SAPP…
|
CWE-20
Improper Input Validation
|
CVE-2013-6814
|
2024-11-21 10:59 |
2013-11-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
