|
290681
|
- |
|
mcafee
|
epolicy_orchestrator
|
SQL injection vulnerability in the Agent-Handler component in McAfee ePolicy Orchestrator (ePO) before 4.5.7 and 4.6.x before 4.6.6 allows remote attackers to execute arbitrary SQL commands via a cra…
|
CWE-89
SQL Injection
|
CVE-2013-0140
|
2024-11-21 10:46 |
2013-05-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290682
|
- |
|
ibm
|
lotus_notes
|
IBM Lotus Notes 8.x before 8.5.3 FP4 Interim Fix 1 and 9.0 before Interim Fix 1 does not block APPLET elements in HTML e-mail, which allows remote attackers to bypass intended restrictions on Java co…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-0127
|
2024-11-21 10:46 |
2013-05-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290683
|
- |
|
erik_michaels-ober
grape_project
|
multi_xml
grape
|
multi_xml gem 0.5.2 for Ruby, as used in Grape before 0.2.6 and possibly other products, does not properly restrict casts of string values, which allows remote attackers to conduct object-injection a…
|
CWE-20
Improper Input Validation
|
CVE-2013-0175
|
2024-11-21 10:46 |
2013-04-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290684
|
- |
|
bitberry_software
|
bitzipper
|
BitZipper 2013 before Update 1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted ZIP archive.
|
NVD-CWE-Other
|
CVE-2013-0138
|
2024-11-21 10:46 |
2013-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290685
|
- |
|
avast
|
avast\!_mobile_security
|
The avast! Mobile Security application before 2.0.4400 for Android allows attackers to cause a denial of service (application crash) via a crafted application that sends an intent to com.avast.androi…
|
CWE-20
Improper Input Validation
|
CVE-2013-0122
|
2024-11-21 10:46 |
2013-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290686
|
- |
|
apache
|
activemq
|
The default configuration of Apache ActiveMQ before 5.8.0 enables a sample web application, which allows remote attackers to cause a denial of service (broker resource consumption) via HTTP requests.
|
CWE-399
Resource Management Errors
|
CVE-2012-6551
|
2024-11-21 10:46 |
2013-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290687
|
- |
|
pd-admin
|
pd-admin
|
Multiple cross-site scripting (XSS) vulnerabilities in pd-admin before 4.17 allow remote authenticated users to inject arbitrary web script or HTML via (1) the WebFTP Overview "Create new directory" …
|
CWE-79
Cross-site Scripting
|
CVE-2013-0129
|
2024-11-21 10:46 |
2013-04-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290688
|
- |
|
arecont
|
vision_av1355dn_megadome_camera
|
The Arecont Vision AV1355DN MegaDome camera allows remote attackers to cause a denial of service (video-capture outage) via a packet to UDP port 69.
|
NVD-CWE-noinfo
|
CVE-2013-0139
|
2024-11-21 10:46 |
2013-04-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290689
|
- |
|
parallels
|
parallels_plesk_panel
|
Untrusted search path vulnerability in /usr/local/psa/admin/sbin/wrapper in Parallels Plesk Panel 11.0.9 allows local users to gain privileges via a crafted PATH environment variable.
|
NVD-CWE-Other
|
CVE-2013-0133
|
2024-11-21 10:46 |
2013-04-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290690
|
- |
|
parallels
|
parallels_plesk_panel
|
The suexec implementation in Parallels Plesk Panel 11.0.9 contains a cgi-wrapper whitelist entry, which allows user-assisted remote attackers to execute arbitrary PHP code via a request containing cr…
|
CWE-94
Code Injection
|
CVE-2013-0132
|
2024-11-21 10:46 |
2013-04-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
