|
291301
|
- |
|
i-doit
|
i-doit
|
Multiple cross-site scripting (XSS) vulnerabilities in synetics i-doit open 0.9.9-7, i-doit pro 1.0 and earlier, and i-doit pro 1.0.2 when the 'sanitize user input' flag is not enabled, allow remote …
|
CWE-79
Cross-site Scripting
|
CVE-2013-1413
|
2024-11-21 10:49 |
2014-02-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291302
|
- |
|
geeklog
|
geeklog
|
Cross-site scripting (XSS) vulnerability in calendar/index.php in the Calendar plugin in Geeklog before 1.8.2sr1 and 2.0.0 before 2.0.0rc2 allows remote attackers to inject arbitrary web script or HT…
|
CWE-79
Cross-site Scripting
|
CVE-2013-1470
|
2024-11-21 10:49 |
2014-02-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291303
|
- |
|
glfusion
|
glfusion
|
Multiple cross-site scripting (XSS) vulnerabilities in glFusion before 1.2.2.pl4 allow remote attackers to inject arbitrary web script or HTML via the (1) subject parameter to profiles.php; (2) addre…
|
CWE-79
Cross-site Scripting
|
CVE-2013-1466
|
2024-11-21 10:49 |
2014-02-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291304
|
- |
|
adobe
|
acrobat_reader
acrobat
|
Buffer overflow in Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11.0.1 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-1376
|
2024-11-21 10:49 |
2014-01-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291305
|
- |
|
lenovo
|
thinkpad_bluetooth_with_enhanced_data_rate_software
|
Untrusted search path vulnerability in Lenovo Thinkpad Bluetooth with Enhanced Data Rate Software 6.4.0.2900 and earlier allows local users, and possibly remote attackers, to execute arbitrary code a…
|
NVD-CWE-Other
|
CVE-2013-1361
|
2024-11-21 10:49 |
2014-01-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291306
|
- |
|
dave_coffin
|
dcraw
|
Unspecified vulnerability in dcraw 0.8.x through 0.8.9, as used in libraw, ufraw, shotwell, and other products, allows context-dependent attackers to cause a denial of service via a crafted photo fil…
|
NVD-CWE-noinfo
|
CVE-2013-1438
|
2024-11-21 10:49 |
2014-01-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291307
|
- |
|
zabbix
|
zabbix
|
The user.login function in Zabbix before 1.8.16 and 2.x before 2.0.5rc1 allows remote attackers to override LDAP configuration via the cnf parameter.
|
CWE-287
Improper Authentication
|
CVE-2013-1364
|
2024-11-21 10:49 |
2013-12-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291308
|
- |
|
uclouvain
|
openjpeg
|
OpenJPEG 1.3 and earlier allows remote attackers to cause a denial of service (memory consumption or crash) via unspecified vectors related to NULL pointer dereferences, division-by-zero, and other e…
|
NVD-CWE-noinfo
|
CVE-2013-1447
|
2024-11-21 10:49 |
2013-12-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291309
|
- |
|
os4ed
|
opensis
|
Eval injection vulnerability in ajax.php in openSIS 4.5 through 5.2 allows remote attackers to execute arbitrary PHP code via the modname parameter.
|
CWE-94
Code Injection
|
CVE-2013-1349
|
2024-11-21 10:49 |
2013-12-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291310
|
- |
|
mit
|
kerberos_5
|
do_tgs_req.c in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.11 before 1.11.4, when a single-component realm name is used, allows remote authenticated users to cause a denial of s…
|
CWE-20
Improper Input Validation
|
CVE-2013-1417
|
2024-11-21 10:49 |
2013-11-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
