|
292071
|
- |
|
cybozu
|
garoon
|
CRLF injection vulnerability in Cybozu Garoon 3.1 through 3.5 SP5, when Phone Messages forwarding is enabled, allows remote authenticated users to inject arbitrary e-mail headers via unspecified vect…
|
CWE-20
Improper Input Validation
|
CVE-2013-6003
|
2024-11-21 10:58 |
2013-12-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292072
|
- |
|
cybozu
|
garoon
|
The server in Cybozu Garoon before 3.7 SP1 allows remote attackers to cause a denial of service (CPU consumption) via unspecified vectors.
|
CWE-399
Resource Management Errors
|
CVE-2013-6002
|
2024-11-21 10:58 |
2013-12-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292073
|
- |
|
cybozu
|
garoon
|
SQL injection vulnerability in the Space function in Cybozu Garoon before 3.7 SP1 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors.
|
CWE-89
SQL Injection
|
CVE-2013-6001
|
2024-11-21 10:58 |
2013-12-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292074
|
- |
|
tattyan
|
tattyan_hptown
|
Directory traversal vulnerability in Tattyan HP TOWN before 5_10_1 allows remote attackers to read arbitrary files via a .. (dot dot) in a request.
|
CWE-22
Path Traversal
|
CVE-2013-6000
|
2024-11-21 10:58 |
2013-12-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292075
|
- |
|
att
|
connect_participant_application
|
Stack-based buffer overflow in the AT&T Connect Participant Application before 9.5.51 on Windows allows remote attackers to execute arbitrary code via a malformed .SVT file.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-6029
|
2024-11-21 10:58 |
2013-12-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292076
|
- |
|
ibm
|
qradar_security_information_and_event_manager
|
Cross-site scripting (XSS) vulnerability in IBM Security QRadar SIEM 7.0 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2013-6307
|
2024-11-21 10:58 |
2013-11-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292077
|
- |
|
thomsonreuters
|
velocity_analytics_vhayu_analytic_server
|
VhttpdMgr in Thomson Reuters Velocity Analytics Vhayu Analytic Server 6.94 build 2995 allows remote attackers to execute arbitrary code via a URL in the fileName parameter during an importFile action.
|
CWE-94
Code Injection
|
CVE-2013-5912
|
2024-11-21 10:58 |
2013-11-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292078
|
- |
|
civicrm
|
civicrm
|
Multiple SQL injection vulnerabilities in CRM/Core/Page/AJAX/Location.php in CiviCRM before 4.2.12, 4.3.x before 4.3.7, and 4.4.x before 4.4.beta4 allow remote attackers to execute arbitrary SQL comm…
|
CWE-89
SQL Injection
|
CVE-2013-5957
|
2024-11-21 10:58 |
2013-11-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292079
|
- |
|
ibm
|
rational_performance_tester
rational_service_tester
|
Unspecified vulnerability in IBM Rational Service Tester 8.3.x and 8.5.x before 8.5.1 and Rational Performance Tester 8.3.x and 8.5.x before 8.5.1 allows remote attackers to read arbitrary files via …
|
NVD-CWE-noinfo
|
CVE-2013-6312
|
2024-11-21 10:58 |
2013-11-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292080
|
- |
|
kingsoft
|
kdrive
|
Kingsoft KDrive Personal before 1.21.0.1880 on Windows does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information …
|
CWE-310
Cryptographic Issues
|
CVE-2013-5999
|
2024-11-21 10:58 |
2013-11-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
