|
289961
|
- |
|
cs-cart
|
cs-cart
|
Multiple cross-site scripting (XSS) vulnerabilities in CS-Cart before 4.1.1 allow remote attackers to inject arbitrary web script or HTML via the (1) settings_file or (2) data_file parameter to (a) a…
|
CWE-79
Cross-site Scripting
|
CVE-2013-7317
|
2024-11-21 11:00 |
2014-01-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289962
|
- |
|
gitlab
|
gitlab
|
Cross-site scripting (XSS) vulnerability in GitLab 6.0 and other versions before 6.5.0 allows remote attackers to inject arbitrary web script or HTML via a crafted HTML file, as demonstrated by READM…
|
CWE-79
Cross-site Scripting
|
CVE-2013-7316
|
2024-11-21 11:00 |
2014-01-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289963
|
- |
|
gomlab
|
gom_player
|
Gretech GOM Media Player 2.2.56.5158 and earlier allows remote attackers to cause a denial of service (memory corruption) via a crafted AVI file.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-7184
|
2024-11-21 11:00 |
2014-01-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289964
|
- |
|
avanset
|
visual_certexam_manager
|
Multiple SQL injection vulnerabilities in Avanset Visual CertExam Manager 3.3 and earlier allow remote authenticated users to execute arbitrary SQL commands via the (1) Title, (2) File name, or (3) C…
|
CWE-89
SQL Injection
|
CVE-2013-7175
|
2024-11-21 11:00 |
2014-01-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289965
|
- |
|
springsource
vmware
|
spring_framework
|
The Spring MVC in Spring Framework before 3.2.4 and 4.0.0.M1 through 4.0.0.M2 does not disable external entity resolution for the StAX XMLInputFactory, which allows context-dependent attackers to rea…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-7315
|
2024-11-21 11:00 |
2014-01-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289966
|
- |
|
openstack
|
nova
|
OpenStack Compute (Nova) Grizzly 2013.1.4, Havana 2013.2.1, and earlier uses world-writable and world-readable permissions for the temporary directory used to store live snapshots, which allows local…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-7048
|
2024-11-21 11:00 |
2014-01-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289967
|
- |
|
nec
|
ip38x_3000
ip38x_1100
ip38x_140
ip38x_1200
ip38x_2000
ip38x_107e
ip38x_810
ip38x_1500
ip38x_300
ip38x_105
ip38x_250i
ip38x_1000
|
The OSPF implementation on NEC IP38X, IX1000, IX2000, and IX3000 routers does not consider the possibility of duplicate Link State ID values in Link State Advertisement (LSA) packets before performin…
|
NVD-CWE-Other
|
CVE-2013-7314
|
2024-11-21 11:00 |
2014-01-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289968
|
- |
|
juniper
|
junos
junose
screenos
|
The OSPF implementation in Juniper Junos through 13.x, JunosE, and ScreenOS through 6.3.x does not consider the possibility of duplicate Link State ID values in Link State Advertisement (LSA) packets…
|
NVD-CWE-Other
|
CVE-2013-7313
|
2024-11-21 11:00 |
2014-01-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289969
|
- |
|
enterasys
|
k10
s180
g3
c5
k6
s155
s140
s130
s150
|
The OSPF implementation on Enterasys switches and routers does not consider the possibility of duplicate Link State ID values in Link State Advertisement (LSA) packets before performing operations on…
|
NVD-CWE-Other
|
CVE-2013-7312
|
2024-11-21 11:00 |
2014-01-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289970
|
- |
|
checkpoint
|
gaia_os
ipso_os
|
The OSPF implementation in Check Point Gaia OS R75.X and R76 and IPSO OS 6.2 R75.X and R76 does not consider the possibility of duplicate Link State ID values in Link State Advertisement (LSA) packet…
|
NVD-CWE-Other
|
CVE-2013-7311
|
2024-11-21 11:00 |
2014-01-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
