|
290061
|
- |
|
cisco
|
ios_xe
|
The VTY authentication implementation in Cisco IOS XE 03.02.xxSE and 03.03.xxSE incorrectly relies on the Linux-IOS internal-network configuration, which allows remote attackers to bypass authenticat…
|
CWE-287
Improper Authentication
|
CVE-2013-6979
|
2024-11-21 11:00 |
2013-12-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290062
|
- |
|
cisco
|
unified_communications_manager
|
The disaster recovery system (DRS) component in Cisco Unified Communications Manager (UCM) 9.1(1) and earlier allows remote authenticated users to obtain sensitive device information by reading "extr…
|
CWE-200
Information Exposure
|
CVE-2013-6978
|
2024-11-21 11:00 |
2013-12-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290063
|
- |
|
efrontlearning
|
efront
|
Multiple cross-site scripting (XSS) vulnerabilities in www/administrator.php in eFront 3.6.14 (build 18012) allow remote authenticated administrators to inject arbitrary web script or HTML via the (1…
|
CWE-79
Cross-site Scripting
|
CVE-2013-7194
|
2024-11-21 11:00 |
2013-12-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290064
|
- |
|
etoshop
|
c2c_forward_auction_creator
|
Multiple SQL injection vulnerabilities in C2C Forward Auction Creator 2.0 allow remote attackers to execute arbitrary SQL commands via the (1) pa parameter to auction/asp/list.asp, or the (2) UserID …
|
CWE-89
SQL Injection
|
CVE-2013-7193
|
2024-11-21 11:00 |
2013-12-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290065
|
- |
|
etoshop
|
dynamic_biz_website_builder_quickweb
|
Multiple SQL injection vulnerabilities in Dynamic Biz Website Builder (QuickWeb) allow remote attackers to execute arbitrary SQL commands via the (1) id parameter to apps/news-events/newdetail.asp, o…
|
CWE-89
SQL Injection
|
CVE-2013-7192
|
2024-11-21 11:00 |
2013-12-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290066
|
- |
|
tenmiles
|
helpdesk_pilot
|
Cross-site scripting (XSS) vulnerability in Tenmiles Helpdesk Pilot allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to the default URI for a ticket.
|
CWE-79
Cross-site Scripting
|
CVE-2013-7191
|
2024-11-21 11:00 |
2013-12-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290067
|
- |
|
typo3
|
flow
|
Cross-site scripting (XSS) vulnerability in the errorAction method in the ActionController base class in TYPO3 Flow (formerly FLOW3) 1.1.x before 1.1.1 and 2.0.x before 2.0.1 allows remote attackers …
|
CWE-79
Cross-site Scripting
|
CVE-2013-7082
|
2024-11-21 11:00 |
2013-12-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290068
|
- |
|
typo3
|
typo3
|
Cross-site scripting (XSS) vulnerability in the Backend User Administration Module in TYPO3 6.0.x before 6.0.12 and 6.1.x before 6.1.7 allows remote attackers to inject arbitrary web script or HTML v…
|
CWE-79
Cross-site Scripting
|
CVE-2013-7077
|
2024-11-21 11:00 |
2013-12-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290069
|
- |
|
typo3
|
typo3
|
Cross-site scripting (XSS) vulnerability in Extension Manager in TYPO3 4.5.x before 4.5.32 and 4.7.x before 4.7.17 allows remote attackers to inject arbitrary web script or HTML via unspecified vecto…
|
CWE-79
Cross-site Scripting
|
CVE-2013-7076
|
2024-11-21 11:00 |
2013-12-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290070
|
- |
|
typo3
|
typo3
|
Multiple cross-site scripting (XSS) vulnerabilities in Content Editing Wizards in TYPO3 4.5.x before 4.5.32, 4.7.x before 4.7.17, 6.0.x before 6.0.12, 6.1.x before 6.1.7, and the development versions…
|
CWE-79
Cross-site Scripting
|
CVE-2013-7074
|
2024-11-21 11:00 |
2013-12-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
