|
292131
|
- |
|
wellintech
|
kingview
|
The KCHARTXYLib.KChartXY ActiveX control in KChartXY.ocx before 65.30.30000.10002 in WellinTech KingView before 6.53 does not properly restrict SaveToFile method calls, which allows remote attackers …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-6128
|
2024-11-21 10:58 |
2013-10-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292132
|
- |
|
wellintech
|
kingview
|
The SUPERGRIDLib.SuperGrid ActiveX control in SuperGrid.ocx before 65.30.30000.10002 in WellinTech KingView before 6.53 does not properly restrict ReplaceDBFile method calls, which allows remote atta…
|
CWE-22
Path Traversal
|
CVE-2013-6127
|
2024-11-21 10:58 |
2013-10-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292133
|
- |
|
dhtmlx
|
dhtmlxspreadsheet
|
Cross-site scripting (XSS) vulnerability in codebase/spreadsheet.php in the Spreadsheet (dhtmlxSpreadsheet) plugin 2.0 for WordPress allows remote attackers to inject arbitrary web script or HTML via…
|
CWE-79
Cross-site Scripting
|
CVE-2013-6281
|
2024-11-21 10:58 |
2013-10-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292134
|
- |
|
linksalpha
|
social_sharing_toolkit_plugin
|
Cross-site scripting (XSS) vulnerability in Social Sharing Toolkit plugin before 2.1.2 for WordPress allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2013-6280
|
2024-11-21 10:58 |
2013-10-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292135
|
- |
|
dell
|
quest_one_password_manager
|
The Dell Quest One Password Manager, possibly 5.0, allows remote attackers to bypass CAPTCHA protections and obtain sensitive information (user's full name) by sending a login request with a valid do…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-6246
|
2024-11-21 10:58 |
2013-10-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292136
|
- |
|
sybase
|
adaptive_server_enterprise
|
Unspecified vulnerability in SAP Sybase Adaptive Server Enterprise (ASE) before 15.0.3 ESD#4.3. 15.5 before 15.5 ESD#5.3, and 15.7 before 15.7 SP50 or 15.7 SP100 allows remote authenticated users to …
|
NVD-CWE-noinfo
|
CVE-2013-6245
|
2024-11-21 10:58 |
2013-10-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292137
|
- |
|
sap
|
netweaver
|
The Live Update webdynpro application (webdynpro/dispatcher/sap.com/tc~slm~ui_lup/LUP) in SAP NetWeaver 7.31 and earlier allows remote attackers to read arbitrary files and directories via an XML doc…
|
NVD-CWE-noinfo
|
CVE-2013-6244
|
2024-11-21 10:58 |
2013-10-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292138
|
- |
|
landing_pages_project
|
landing_pages_plugin
|
SQL injection vulnerability in the Landing Pages plugin 1.2.3, before 20131009, and earlier for WordPress allows remote attackers to execute arbitrary SQL commands via the "post" parameter to index.p…
|
CWE-89
SQL Injection
|
CVE-2013-6243
|
2024-11-21 10:58 |
2013-10-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292139
|
- |
|
vmware
|
vcenter_server
|
Session fixation vulnerability in the vSphere Web Client Server in VMware vCenter Server 5.0 before Update 3 allows remote attackers to hijack web sessions and gain privileges via unspecified vectors.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-5971
|
2024-11-21 10:58 |
2013-10-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292140
|
- |
|
vmware
|
esx
esxi
|
hostd-vmdb in VMware ESXi 4.0 through 5.0 and ESX 4.0 through 4.1 allows remote attackers to cause a denial of service (hostd-vmdb service outage) by modifying management traffic.
|
CWE-20
Improper Input Validation
|
CVE-2013-5970
|
2024-11-21 10:58 |
2013-10-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
