|
292101
|
- |
|
projeqtor
|
projeqtor
|
SQL injection vulnerability in view/objectDetail.php in Project'Or RIA 3.4.0 allows remote attackers to execute arbitrary SQL commands via the objectId parameter.
|
CWE-89
SQL Injection
|
CVE-2013-6164
|
2024-11-21 10:58 |
2013-11-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292102
|
- |
|
projeqtor
|
projeqtor
|
Multiple cross-site scripting (XSS) vulnerabilities in ProjeQtOr (formerly Project'Or RIA) before 4.0.0 allow remote attackers to inject arbitrary web script or HTML via the (1) type parameter to vie…
|
CWE-79
Cross-site Scripting
|
CVE-2013-6163
|
2024-11-21 10:58 |
2013-11-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292103
|
- |
|
apprain
|
apprain
|
SQL injection vulnerability in appRain CMF 3.0.2 and earlier allows remote attackers to execute arbitrary SQL commands via the PATH_INFO to blog-by-cat/.
|
CWE-89
SQL Injection
|
CVE-2013-6058
|
2024-11-21 10:58 |
2013-11-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292104
|
- |
|
justsystems
|
ichitaro_pro
ichitaro_portable_with_oreplug
ichitaro
ichitaro_viewer
|
Unspecified vulnerability in JustSystems Ichitaro 2006 through 2011; Ichitaro Government 6, 7, and 2006 through 2010; Ichitaro 2011 Sou; Ichitaro 2012 Shou; Ichitaro 2013 Gen and Gen Trial Edition; I…
|
NVD-CWE-noinfo
|
CVE-2013-5990
|
2024-11-21 10:58 |
2013-11-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292105
|
- |
|
tapbots
|
tweetbot
|
Tweetbot 1.3.3 for Mac, and 2.8.5 for iPad and iPhone, does not require confirmation of (1) follow or (2) favorite actions, which allows remote attackers to automatically force the user to perform un…
|
CWE-352
Origin Validation Error
|
CVE-2013-5726
|
2024-11-21 10:58 |
2013-11-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292106
|
- |
|
qualcomm
|
quic_mobile_station_modem_kernel
|
goodix_tool.c in the Goodix gt915 touchscreen driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, does not properly…
|
CWE-20
Improper Input Validation
|
CVE-2013-6122
|
2024-11-21 10:58 |
2013-11-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292107
|
- |
|
isc
|
bind
|
The Winsock WSAIoctl API in Microsoft Windows Server 2008, as used in ISC BIND 9.6-ESV before 9.6-ESV-R10-P1, 9.8 before 9.8.6-P1, 9.9 before 9.9.4-P1, 9.9.3-S1, 9.9.4-S1, and other products, does no…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-6230
|
2024-11-21 10:58 |
2013-11-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292108
|
- |
|
roundcube
|
webmail
|
steps/utils/save_pref.inc in Roundcube webmail before 0.8.7 and 0.9.x before 0.9.5 allows remote attackers to modify configuration settings via the _session parameter, which can be leveraged to read …
|
CWE-89
SQL Injection
|
CVE-2013-6172
|
2024-11-21 10:58 |
2013-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292109
|
- |
|
citrix
|
xendesktop
|
Citrix XenDesktop 7.0, when upgraded from XenDesktop 5.x, does not properly enforce policy rule permissions, which allows remote attackers to bypass intended restrictions.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-6077
|
2024-11-21 10:58 |
2013-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292110
|
- |
|
apple
|
motion
|
Integer overflow in the OZDocument::parseElement function in Apple Motion 5.0.7 allows remote attackers to cause a denial of service (application crash) via a (1) large or (2) small value in the subv…
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2013-6114
|
2024-11-21 10:58 |
2013-11-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
