|
290031
|
- |
|
phpmyadmin
|
phpmyadmin
|
Cross-site scripting (XSS) vulnerability in view_create.php (aka the Create View page) in phpMyAdmin 4.x before 4.0.3 allows remote authenticated users to inject arbitrary web script or HTML via an i…
|
CWE-79
Cross-site Scripting
|
CVE-2013-3742
|
2024-11-21 10:54 |
2013-07-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290032
|
- |
|
atlassian
|
crowd
|
Atlassian Crowd 2.6.3 allows remote attackers to execute arbitrary commands via unspecified vectors related to a "symmetric backdoor." NOTE: as of 20130704, the vendor could not reproduce the issue,…
|
NVD-CWE-Other
|
CVE-2013-3926
|
2024-11-21 10:54 |
2013-07-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290033
|
- |
|
atlassian
|
crowd
|
Atlassian Crowd 2.5.x before 2.5.4, 2.6.x before 2.6.3, 2.3.8, and 2.4.9 allows remote attackers to read arbitrary files and send HTTP requests to intranet servers via a request to (1) /services/2 or…
|
CWE-20
Improper Input Validation
|
CVE-2013-3925
|
2024-11-21 10:54 |
2013-07-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290034
|
- |
|
lockon
|
ec-cube
|
Multiple cross-site scripting (XSS) vulnerabilities in the RecommendSearch feature in the management screen in LOCKON EC-CUBE before 2.12.5 allow remote attackers to inject arbitrary web script or HT…
|
CWE-79
Cross-site Scripting
|
CVE-2013-3653
|
2024-11-21 10:54 |
2013-07-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290035
|
- |
|
lockon
|
ec-cube
|
Cross-site scripting (XSS) vulnerability in data/class/pages/products/LC_Page_Products_List.php in LOCKON EC-CUBE 2.11.0 through 2.12.4 allows remote attackers to inject arbitrary web script or HTML …
|
CWE-79
Cross-site Scripting
|
CVE-2013-3652
|
2024-11-21 10:54 |
2013-07-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290036
|
- |
|
lockon
|
ec-cube
|
Directory traversal vulnerability in LOCKON EC-CUBE 2.12.0 through 2.12.4 allows remote attackers to read arbitrary image files via vectors related to data/class/SC_CheckError.php and data/class/SC_F…
|
CWE-22
Path Traversal
|
CVE-2013-3654
|
2024-11-21 10:54 |
2013-07-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290037
|
- |
|
lockon
|
ec-cube
|
LOCKON EC-CUBE 2.11.2 through 2.12.4 allows remote attackers to conduct unspecified PHP code-injection attacks via a crafted string, related to data/class/SC_CheckError.php and data/class/SC_FormPara…
|
CWE-94
Code Injection
|
CVE-2013-3651
|
2024-11-21 10:54 |
2013-07-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290038
|
- |
|
lockon
|
ec-cube
|
Directory traversal vulnerability in the lfCheckFileName function in data/class/pages/LC_Page_ResizeImage.php in LOCKON EC-CUBE before 2.12.5 allows remote attackers to read arbitrary image files via…
|
CWE-22
Path Traversal
|
CVE-2013-3650
|
2024-11-21 10:54 |
2013-07-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290039
|
- |
|
ds3
|
authentication_server
|
ServerAdmin/ErrorViewer.jsp in DS3 Authentication Server allow remote attackers to inject arbitrary error-page text via the message parameter.
|
CWE-20
Improper Input Validation
|
CVE-2013-4098
|
2024-11-21 10:54 |
2013-06-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290040
|
- |
|
ds3
|
authentication_server
|
ServerAdmin/TestDRConnection.jsp in DS3 Authentication Server allows remote attackers to obtain sensitive information via a direct request, which reveals the installation path in a -REG-E-OPEN error …
|
CWE-22
Path Traversal
|
CVE-2013-4097
|
2024-11-21 10:54 |
2013-06-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
