|
290321
|
- |
|
joomla
|
joomla\!
|
plugins/system/remember/remember.php in Joomla! 2.5.x before 2.5.10 and 3.0.x before 3.0.4 does not properly handle an object obtained by unserializing a cookie, which allows remote authenticated use…
|
CWE-20
Improper Input Validation
|
CVE-2013-3242
|
2024-11-21 10:53 |
2013-05-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290322
|
- |
|
freebsd
|
freebsd
|
The nfsrvd_readdir function in sys/fs/nfsserver/nfs_nfsdport.c in the new NFS server in FreeBSD 8.0 through 9.1-RELEASE-p3 does not verify that a READDIR request is for a directory node, which allows…
|
CWE-20
Improper Input Validation
|
CVE-2013-3266
|
2024-11-21 10:53 |
2013-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290323
|
- |
|
vmware
|
vcenter_server_appliance
|
VMware vCenter Server 5.1 before Update 1, when anonymous LDAP binding for Active Directory is enabled, allows remote attackers to bypass authentication by providing a valid username in conjunction w…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-3107
|
2024-11-21 10:53 |
2013-05-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290324
|
- |
|
linux
|
linux_kernel
|
Race condition in the smb_send_rqst function in fs/cifs/transport.c in the Linux kernel before 3.7.2 allows local users to cause a denial of service (NULL pointer dereference and OOPS) or possibly ha…
|
CWE-362
Race Condition
|
CVE-2013-3302
|
2024-11-21 10:53 |
2013-04-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290325
|
- |
|
linux
redhat
suse
|
linux_kernel
enterprise_linux
enterprise_mrg
linux_enterprise_desktop
linux_enterprise_server
linux_enterprise_high_availability_extension
|
The ftrace implementation in the Linux kernel before 3.8.8 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by lev…
|
NVD-CWE-Other
|
CVE-2013-3301
|
2024-11-21 10:53 |
2013-04-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290326
|
- |
|
phpmyadmin
|
phpmyadmin
|
export.php (aka the export script) in phpMyAdmin 4.x before 4.0.0-rc3 overwrites global variables on the basis of the contents of the POST superglobal array, which allows remote authenticated users t…
|
NVD-CWE-noinfo
|
CVE-2013-3241
|
2024-11-21 10:53 |
2013-04-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290327
|
- |
|
phpmyadmin
|
phpmyadmin
|
Directory traversal vulnerability in the Export feature in phpMyAdmin 4.x before 4.0.0-rc3 allows remote authenticated users to read arbitrary files or possibly have unspecified other impact via a pa…
|
CWE-22
Path Traversal
|
CVE-2013-3240
|
2024-11-21 10:53 |
2013-04-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290328
|
- |
|
phpmyadmin
|
phpmyadmin
|
phpMyAdmin 3.5.x before 3.5.8 and 4.x before 4.0.0-rc3, when a SaveDir directory is configured, allows remote authenticated users to execute arbitrary code by using a double extension in the filename…
|
CWE-94
Code Injection
|
CVE-2013-3239
|
2024-11-21 10:53 |
2013-04-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290329
|
- |
|
phpmyadmin
|
phpmyadmin
|
phpMyAdmin 3.5.x before 3.5.8 and 4.x before 4.0.0-rc3 allows remote authenticated users to execute arbitrary code via a /e\x00 sequence, which is not properly handled before making a preg_replace fu…
|
NVD-CWE-noinfo
|
CVE-2013-3238
|
2024-11-21 10:53 |
2013-04-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290330
|
- |
|
cybozu
|
cybozu_office
|
Cross-site request forgery (CSRF) vulnerability in Cybozu Office before 8.1.6 and 9.x before 9.3.0 allows remote attackers to hijack the authentication of arbitrary users for requests that change mob…
|
CWE-352
Origin Validation Error
|
CVE-2013-3269
|
2024-11-21 10:53 |
2013-04-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
