|
290161
|
- |
|
microsoft
|
internet_explorer
|
Use-after-free vulnerability in Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted CMarkup object, aka "Internet …
|
CWE-399
Resource Management Errors
|
CVE-2013-3140
|
2024-11-21 10:53 |
2013-12-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290162
|
- |
|
vmware
|
esxi
workstation
esx
player
fusion
|
lgtosync.sys in VMware Workstation 9.x before 9.0.3, VMware Player 5.x before 5.0.3, VMware Fusion 5.x before 5.0.4, VMware ESXi 4.0 through 5.1, and VMware ESX 4.0 and 4.1, when a 32-bit Windows gue…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-3519
|
2024-11-21 10:53 |
2013-12-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290163
|
- |
|
cisco
|
prime_network_registrar
|
Cross-site scripting (XSS) vulnerability in the web interface in Cisco Prime Network Registrar 8.1 and earlier allows remote attackers to inject arbitrary web script or HTML via a crafted field, aka …
|
CWE-79
Cross-site Scripting
|
CVE-2013-3394
|
2024-11-21 10:53 |
2013-11-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290164
|
- |
|
emc
|
rsa_data_protection_manager_appliance
|
Cross-site scripting (XSS) vulnerability on the EMC RSA Data Protection Manager (DPM) appliance 3.2.x before 3.2.4.2 and 3.5.x before 3.5.1 allows remote attackers to inject arbitrary web script or H…
|
CWE-79
Cross-site Scripting
|
CVE-2013-3288
|
2024-11-21 10:53 |
2013-11-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290165
|
- |
|
cisco
|
server_provisioner
|
The web interface in Cisco Server Provisioner 6.4.0 Patch 5-1301292331 and earlier does not require authentication for unspecified pages, which allows remote attackers to obtain sensitive information…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-3407
|
2024-11-21 10:53 |
2013-11-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290166
|
- |
|
cisco
|
service_portal
|
The "Files Available for Download" implementation in the Cisco Intelligent Automation for Cloud component in Cisco Services Portal 9.4(1) allows remote authenticated users to read arbitrary files via…
|
CWE-20
Improper Input Validation
|
CVE-2013-3406
|
2024-11-21 10:53 |
2013-11-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290167
|
- |
|
emc
|
documentum_eroom
|
Multiple cross-site scripting (XSS) vulnerabilities in EMC Documentum eRoom before 7.4.4 P11 allow remote attackers to inject arbitrary web script or HTML via a crafted URL.
|
CWE-79
Cross-site Scripting
|
CVE-2013-3286
|
2024-11-21 10:53 |
2013-11-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290168
|
- |
|
emc
|
documentum_taskspace
documentum_capital_projects
documentum_wdk
documentum_digital_asset_manager
documentum_administrator
documentum_webtop
documentum_web_publisher
|
Cross-site scripting (XSS) vulnerability in EMC Documentum Webtop before 6.7 SP2 P07, Documentum WDK before 6.7 SP2 P07, Documentum Taskspace before 6.7 SP2 P07, Documentum Records Manager before 6.7…
|
CWE-79
Cross-site Scripting
|
CVE-2013-3281
|
2024-11-21 10:53 |
2013-11-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290169
|
- |
|
smackcoders
|
wp_ultimate_email_marketer_plugin
|
The WP Ultimate Email Marketer plugin 1.1.0 and possibly earlier for Wordpress does not properly restrict access to (1) list/edit.php and (2) campaign/editCampaign.php, which allows remote attackers …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-3264
|
2024-11-21 10:53 |
2013-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290170
|
- |
|
smackcoders
|
wp_ultimate_email_marketer_plugin
|
Multiple cross-site scripting (XSS) vulnerabilities in the WP Ultimate Email Marketer plugin 1.1.0 and possibly earlier for Wordpress allow remote attackers to inject arbitrary web script or HTML via…
|
CWE-79
Cross-site Scripting
|
CVE-2013-3263
|
2024-11-21 10:53 |
2013-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
