|
292141
|
- |
|
hp
|
procurve_manager
identity_driven_manager
|
UpdateDomainControllerServlet in the SNAC registration server in HP ProCurve Manager (PCM) 3.20 and 4.0, PCM+ 3.20 and 4.0, and Identity Driven Manager (IDM) 4.0 does not properly validate the adCert…
|
CWE-20
Improper Input Validation
|
CVE-2013-4811
|
2024-11-21 10:56 |
2013-09-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292142
|
- |
|
hp
|
procurve_manager
identity_driven_manager
|
UpdateCertificatesServlet in the SNAC registration server in HP ProCurve Manager (PCM) 3.20 and 4.0, PCM+ 3.20 and 4.0, and Identity Driven Manager (IDM) 4.0 does not properly validate the fileName a…
|
CWE-20
Improper Input Validation
|
CVE-2013-4812
|
2024-11-21 10:56 |
2013-09-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292143
|
- |
|
hp
|
procurve_manager
identity_driven_manager
|
Multiple SQL injection vulnerabilities in GetEventsServlet in HP ProCurve Manager (PCM) 3.20 and 4.0, PCM+ 3.20 and 4.0, and Identity Driven Manager (IDM) 4.0 allow remote attackers to execute arbitr…
|
CWE-89
SQL Injection
|
CVE-2013-4809
|
2024-11-21 10:56 |
2013-09-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292144
|
- |
|
opera
|
opera_browser
|
Cross-site scripting (XSS) vulnerability in Opera before 15.00 allows remote attackers to inject arbitrary web script or HTML by leveraging UTF-8 encoding.
|
CWE-79
Cross-site Scripting
|
CVE-2013-4705
|
2024-11-21 10:56 |
2013-09-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292145
|
- |
|
sophos
|
web_appliance
|
The close_connections function in /opt/cma/bin/clear_keys.pl in Sophos Web Appliance before 3.7.9.1 and 3.8 before 3.8.1.1 allows local users to gain privileges via shell metacharacters in the second…
|
CWE-264
CWE-78
Permissions, Privileges, and Access Controls
OS Command
|
CVE-2013-4984
|
2024-11-21 10:56 |
2013-09-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292146
|
- |
|
sophos
|
web_appliance_firmware
|
The get_referers function in /opt/ws/bin/sblistpack in Sophos Web Appliance before 3.7.9.1 and 3.8 before 3.8.1.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the…
|
CWE-78
OS Command
|
CVE-2013-4983
|
2024-11-21 10:56 |
2013-09-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292147
|
- |
|
cybozu
|
office
|
Cross-site scripting (XSS) vulnerability in the top-page customization feature in Cybozu Office before 9.3.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2013-4703
|
2024-11-21 10:56 |
2013-09-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292148
|
- |
|
twilightcms
|
twilight_cms
|
Directory traversal vulnerability in DeWeS web server 0.4.2 and possibly earlier, as used in Twilight CMS, allows remote attackers to read arbitrary files via a ..%5c (dot dot encoded backslash) in a…
|
CWE-22
Path Traversal
|
CVE-2013-4900
|
2024-11-21 10:56 |
2013-09-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292149
|
- |
|
twilightcms
|
twilight_cms
|
Cross-site scripting (XSS) vulnerability in Twilight CMS 5.17 and possibly earlier allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to the gallery/ page.
|
CWE-79
Cross-site Scripting
|
CVE-2013-4899
|
2024-11-21 10:56 |
2013-09-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292150
|
- |
|
htmlcleaner_project
open-xchange
|
htmlcleaner
open-xchange_appsuite
|
Multiple race conditions in HtmlCleaner before 2.6, as used in Open-Xchange AppSuite 7.2.2 before rev13 and other products, allow remote authenticated users to read the private e-mail of other person…
|
CWE-362
Race Condition
|
CVE-2013-5035
|
2024-11-21 10:56 |
2013-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
