|
291321
|
- |
|
nmap
opensuse
|
nmap
opensuse
|
The http-domino-enum-passwords.nse script in NMap before 6.40, when domino-enum-passwords.idpath is set, allows remote servers to upload "arbitrarily named" files via a crafted FullName parameter in …
|
NVD-CWE-Other
|
CVE-2013-4885
|
2024-11-21 10:56 |
2013-10-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291322
|
- |
|
puppet
|
puppet_enterprise
|
Puppet Enterprise before 3.1.0 does not properly restrict the number of authentication attempts by a console account, which makes it easier for remote attackers to bypass intended access restrictions…
|
CWE-287
Improper Authentication
|
CVE-2013-4965
|
2024-11-21 10:56 |
2013-10-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291323
|
- |
|
puppet
|
puppet_enterprise
|
The dashboard report in Puppet Enterprise before 3.0.1 allows attackers to execute arbitrary YAML code via a crafted report-specific type.
|
CWE-94
Code Injection
|
CVE-2013-4957
|
2024-11-21 10:56 |
2013-10-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291324
|
- |
|
iodata
|
hdl2-a\/e
hdl2-ah
hdl2-a_firmware
hdl-a\/e
hdl-ah
hdl-as
hdl-a_firmware
|
I-O DATA DEVICE HDL-A and HDL2-A devices with firmware 1.07 and earlier do not properly manage sessions, which allows remote attackers to obtain sensitive information or modify data via unspecified v…
|
CWE-399
Resource Management Errors
|
CVE-2013-4712
|
2024-11-21 10:56 |
2013-10-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291325
|
- |
|
juniper
|
junos
|
J-Web in Juniper Junos before 10.4R13, 11.4 before 11.4R7, 12.1R before 12.1R6, 12.1X44 before 12.1X44-D15, 12.1x45 before 12.1X45-D10, 12.2 before 12.2R3, 12.3 before 12.3R2, and 13.1 before 13.1R3 …
|
CWE-352
Origin Validation Error
|
CVE-2013-4689
|
2024-11-21 10:56 |
2013-10-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291326
|
- |
|
ruckuswireless
|
zoneflex_2942__firmware
zoneflex_2942
|
Ruckus Wireless Zoneflex 2942 devices with firmware 9.6.0.0.267 allow remote attackers to bypass authentication, and subsequently access certain configuration/ and maintenance/ scripts, by constructi…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-5030
|
2024-11-21 10:56 |
2013-10-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291327
|
- |
|
hp
|
service_manager
|
Cross-site scripting (XSS) vulnerability in HP Service Manager 9.30 through 9.32 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2013-4833
|
2024-11-21 10:56 |
2013-10-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291328
|
- |
|
hp
|
service_manager
|
HP Service Manager 9.30 through 9.32 allows remote authenticated users to obtain sensitive information via unspecified vectors.
|
CWE-200
Information Exposure
|
CVE-2013-4832
|
2024-11-21 10:56 |
2013-10-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291329
|
- |
|
hp
|
service_manager
|
HP Service Manager 9.30 through 9.32 does not properly manage privileges, which allows remote authenticated users to obtain sensitive information or modify data via unspecified vectors.
|
NVD-CWE-noinfo
|
CVE-2013-4831
|
2024-11-21 10:56 |
2013-10-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291330
|
- |
|
hp
|
service_manager
|
HP Service Manager 9.30 through 9.32 allows remote attackers to execute arbitrary code via an unspecified "injection" approach.
|
CWE-94
Code Injection
|
CVE-2013-4830
|
2024-11-21 10:56 |
2013-10-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
