|
290911
|
- |
|
blair_williams
joobi
civicrm
|
pretty_link_lite
com_jnews
civicrm
|
Cross-site scripting (XSS) vulnerability in open-flash-chart.swf in Open Flash Chart (aka Open-Flash Chart), as used in the Pretty Link Lite plugin before 1.6.3 for WordPress, JNews (com_jnews) compo…
|
CWE-79
Cross-site Scripting
|
CVE-2013-1636
|
2024-11-21 10:50 |
2014-03-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290912
|
- |
|
owncloud
|
owncloud
|
SQL injection vulnerability in lib/bookmarks.php in ownCloud Server 4.5.x before 4.5.11 and 5.x before 5.0.6 allows remote authenticated users to execute arbitrary SQL commands via unspecified vector…
|
CWE-89
SQL Injection
|
CVE-2013-2046
|
2024-11-21 10:50 |
2014-03-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290913
|
- |
|
owncloud
|
owncloud
|
SQL injection vulnerability in lib/db.php in ownCloud Server 5.0.x before 5.0.6 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors.
|
CWE-89
SQL Injection
|
CVE-2013-2045
|
2024-11-21 10:50 |
2014-03-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290914
|
- |
|
owncloud
|
owncloud
|
SQL injection vulnerability in addressbookprovider.php in ownCloud Server before 5.0.1 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors, related to the cont…
|
CWE-89
SQL Injection
|
CVE-2013-1893
|
2024-11-21 10:50 |
2014-03-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290915
|
- |
|
owncloud
|
owncloud
|
Multiple cross-site scripting (XSS) vulnerabilities in ownCloud Server before 5.0.1 allow remote attackers to inject arbitrary web script or HTML via the (1) new_name parameter to apps/bookmarks/ajax…
|
CWE-79
Cross-site Scripting
|
CVE-2013-1890
|
2024-11-21 10:50 |
2014-03-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290916
|
- |
|
redhat
|
satellite
|
Cross-site scripting (XSS) vulnerability in account/EditAddress.do in Spacewalk and Red Hat Network (RHN) Satellite 5.6 allows remote attackers to inject arbitrary web script or HTML via the type par…
|
CWE-79
Cross-site Scripting
|
CVE-2013-1871
|
2024-11-21 10:50 |
2014-02-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290917
|
- |
|
extended_module_player_project
|
extended_module_player
|
Buffer overflow in the get_dsmp function in loaders/masi_load.c in libxmp before 4.1.0 allows remote attackers to execute arbitrary code via a crafted MASI file.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-1980
|
2024-11-21 10:50 |
2014-02-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290918
|
- |
|
apache
|
wicket
|
Unspecified vulnerability in Apache Wicket 1.4.x before 1.4.23, 1.5.x before 1.5.11, and 6.x before 6.8.0 allows remote attackers to obtain sensitive information via vectors that cause raw HTML templ…
|
NVD-CWE-noinfo
|
CVE-2013-2055
|
2024-11-21 10:50 |
2014-02-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290919
|
- |
|
roundcube
|
webmail
|
Absolute path traversal vulnerability in steps/mail/sendmail.inc in Roundcube Webmail before 0.7.3 and 0.8.x before 0.8.6 allows remote attackers to read arbitrary files via a full pathname in the _v…
|
CWE-22
Path Traversal
|
CVE-2013-1904
|
2024-11-21 10:50 |
2014-02-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290920
|
- |
|
gpsd_project
canonical
|
gpsd
ubuntu_linux
|
The NMEA0183 driver in gpsd before 3.9 allows remote attackers to cause a denial of service (daemon termination) and possibly execute arbitrary code via a GPS packet with a malformed $GPGGA interpret…
|
CWE-20
Improper Input Validation
|
CVE-2013-2038
|
2024-11-21 10:50 |
2014-02-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
