|
292221
|
- |
|
fengoffice
|
feng_office
|
Cross-site scripting (XSS) vulnerability in Feng Office 2.3.2-rc and earlier allows remote attackers to inject arbitrary web script or HTML via an arbitrary ref_XXX parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2013-5744
|
2024-11-21 10:58 |
2013-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292222
|
- |
|
tylertech
|
taxweb
|
The search component in the Treasurer application in Tyler Technologies TaxWeb 3.13.3.1 allows remote attackers to obtain sensitive query-structure information via an invalid search request, a differ…
|
CWE-200
Information Exposure
|
CVE-2013-6285
|
2024-11-21 10:58 |
2013-10-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292223
|
- |
|
tylertech
|
taxweb
|
passwordRequestPOST.jsp in Tyler Technologies TaxWeb 3.13.3.1 sends different HTTP status codes for invalid password-recovery requests depending on whether the user account exists, which allows remot…
|
CWE-200
Information Exposure
|
CVE-2013-6020
|
2024-11-21 10:58 |
2013-10-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292224
|
- |
|
tylertech
|
taxweb
|
Cross-site scripting (XSS) vulnerability in Tyler Technologies TaxWeb 3.13.3.1 allows remote attackers to inject arbitrary web script or HTML via the accountNum parameter to an unspecified component.
|
CWE-79
Cross-site Scripting
|
CVE-2013-6019
|
2024-11-21 10:58 |
2013-10-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292225
|
- |
|
tylertech
|
taxweb
|
Cross-site request forgery (CSRF) vulnerability in login.jsp in Tyler Technologies TaxWeb 3.13.3.1 allows remote attackers to hijack the authentication of arbitrary users for requests that change a p…
|
CWE-352
Origin Validation Error
|
CVE-2013-6018
|
2024-11-21 10:58 |
2013-10-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292226
|
- |
|
polarssl
|
polarssl
|
Buffer overflow in the ssl_read_record function in ssl_tls.c in PolarSSL before 1.1.8, when using TLS 1.1, might allow remote attackers to execute arbitrary code via a long packet.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-5914
|
2024-11-21 10:58 |
2013-10-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292227
|
- |
|
f5
|
big-ip_global_traffic_manager
big-ip_webaccelerator
big-ip_local_traffic_manager
big-ip_application_security_manager
big-ip_access_policy_manager
big-ip_wan_optimization_manager
big…
|
The Traffic Management Microkernel (TMM) in F5 BIG-IP LTM, APM, ASM, Edge Gateway, GTM, Link Controller, and WOM 10.0.0 through 10.2.2 and 11.0.0; Analytics 11.0.0; PSM 9.4.0 through 9.4.8, 10.0.0 th…
|
CWE-20
Improper Input Validation
|
CVE-2013-6016
|
2024-11-21 10:58 |
2013-10-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292228
|
- |
|
sap
|
erp_central_component
|
Unspecified vulnerability in the Statutory Reporting for Insurance (FS_SR) component in the Financial Services module for SAP ERP Central Component (ECC) allows attackers to execute arbitrary code vi…
|
NVD-CWE-noinfo
|
CVE-2013-6284
|
2024-11-21 10:58 |
2013-10-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292229
|
- |
|
videolan
|
vlc_media_player
|
VideoLAN VLC Media Player 2.0.8 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long string in a URL in a m3u file.
|
CWE-20
Improper Input Validation
|
CVE-2013-6283
|
2024-11-21 10:58 |
2013-10-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292230
|
- |
|
wellintech
|
kingview
|
The KCHARTXYLib.KChartXY ActiveX control in KChartXY.ocx before 65.30.30000.10002 in WellinTech KingView before 6.53 does not properly restrict SaveToFile method calls, which allows remote attackers …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-6128
|
2024-11-21 10:58 |
2013-10-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
